Countries globally are grappling with economic and health challenges caused due to the COVID-19 pandemic. Meanwhile, cyber criminals across the world are capitalizing on this global crisis event.
According to CERT-In (Computer Emergency Response Team), cyber-attacks in India witnessed a spike of almost 300% in 2020 hitting highs of 1,158,208 attacks versus 394,499 attacks in 2019. Financial loss from cyber crimes in India was pegged at Rs 1.25 lakh crore in 2019. Given the quantum jump in attacks, this number is expected to be significantly higher in 2021.
BFSI: A Leading Target for Hackers
The BFSI sector has always been popular with hackers because transactions are increasingly taking place online – critical personal and business information is now stored in cloud and available at the click of a button (or touch screen). For cyber criminals, gaining access to a financial institution’s internal network or a bank account is, therefore, as good as striking gold.
Work from home (WFH) has led to a distributed, perimeter-less environment, which increases the threat surface of enterprises. Also, operations of several security teams are expected to be compromised because of COVID-19, thereby making it challenging to identify and respond to malicious activities. Upgrading patches on various devices also get impacted. All these factors only embolden hackers.
Besides, in a hurry to ensure business continuity, most enterprises may have quickly adopted cloud computing and other digital models and solutions without evaluating their cybersecurity implications. This haste has led to gaps in the cybersecurity stance of several organizations making them easy targets for cyber criminals.
As a result, there has been a sharp rise in phishing and malware attacks on organizations in this sector. Interpol’s assessment of the impact of the pandemic on cyber crime in 2020 has thrown up worrisome numbers –during the four-month period (January to April 2020) some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs – all related to COVID-19 were detected.
Credential abuse, which is a byproduct of phishing, often with a goal of account takeover, remains one of the top attack vectors in a criminal’s arsenal.
According to Akamai’s ‘2021 State of the Internet / Security: Phishing for Finance’ report, there were 193 billion credential stuffing attacks globally in 2020, with 3.4 billion of them in the financial services space– an increase of more than 45% year-on-year in the sector.
Throughout 2020, criminals leveraged COVID-19 and the promise of financial assistance, or the stress of financial hardship, to target people across the globe via phishing. These attacks, in turn, fueled the credential stuffing boom, as newly sorted data breaches, newly collected credentials, and old collections were combined, tested, traded, and sold.
Akamai observed nearly 6.3 billion web application attacks in 2020, with more than 736 million targeting financial services – representing an increase of 62% over 2019. Furthermore, new phishing kits such as Kr3pto and Ex-Robotos have emerged in the BFSI sector, making it more vulnerable.
Have an Edge Over Cyber Criminals
Hackers are not planning on slowing down with their attacks on the sector. Phishing attacks continue to grow in numbers and sophistication with each passing year. The perpetrators are leveraging the same techniques and technologies that enterprise technology leaders do to stay ahead of the curve.
It is more crucial than ever for BFSI organizations to constantly stay ahead of the cybercriminals. A starting point would be to educate employees on cybersecurity threats and make them aware about the dos and don’ts of WFH, for example, warning them against clicking on suspicious links or dubious mails.
Leveraging cutting-edge security technologies such as 2FA (two-factor authentication) and MFA (multi-factor authentication) will also make the job of most opportunistic and low-level hackers that much more difficult. Layered defense approaches and segmentation further make it costly for hackers to carry out an attack, thereby acting as deterrents. The Zero Trust model, which controls and limits access, is rapidly gaining traction amongst enterprise cybersecurity practitioners too, and rightly so.
By enforcing state-of-the-art solutions and models, cybersecurity leaders can enable faster detection and response to threats, ensuring that they have in place successful security strategies that stay a step or more ahead of their attackers.
(The author is Country Sales Manager of Akamai Technologies and the views expressed in the article are his own)