Digital transformation for the financial services sector is vital to protect market share against increasing competition from agile startups, large retailers and technology giants. At the same time, further embracing the digital world puts assets at even greater risk from cyber threats.

Cyber attacks on specific banks and other financial institutions can be criminally or politically motivated. There is also a background of permanently active but indiscriminate attacks, targeting any network where a loophole exists.

The damage that can be done includes:

• Loss of valuable assets
• Loss of data – personal details, account details, transaction record or access to systems that can be used in the next stage or sold on the dark web
• Reputational loss and brand damage once breaches are publicised
• Falling foul of regulators and attracting ever-increasing fines

Attractive targets

The stakes are high. The WannaCry malware attack crippled the NHS and hundreds of other organisations around the world in May 2017. In July Lloyd’s of London claimed that similar attacks could cause economic losses similar to those suffered from natural disasters such as Hurricane Sandy in 2012 – around $50bn.

Another example is the Cobalt cyber crime gang, believed to be responsible for over €1bn in damages to banks in more than 40 countries, believed to have netted an average haul of €10 per attack for themselves. Despite one of the alleged leaders being arrested, the group restarted attacks on banks and ATM networks only two weeks later, demonstrating the difficulty of applying traditional law enforcement methods to cyber criminals.

In April 2017, now-defunct payday loan company Wonga had to admit to a data breach that affected up to 245,000 customers in the UK. Contact and bank account details of customers were stolen. In the worst known hack of 2017, the data for nearly 150 million customer accounts was stolen from credit-checking company Equifax.

Increasing problem

In the UK the FCA said that it had received 80% more reports of cyber attacks on financial services companies in 2017 than in 2016. An Accenture survey in February 2018 found that the average number of cyber attacks reported was 125 per year. Although this was lower than the average across all sectors, the cost per breach was higher, reflecting the attractiveness of the sector to cyber criminals.

The report also showed that financial services companies had faced a 40% increase in the average cost of cybercrime over the last three years. That was just accounting for direct costs; not taking into account longer-term costs such as remediation, compensation and reputational damage.

Methods for calculating the ROI of cyber security investments are still up for debate as saving time and money by preventing an attack that hasn’t happened yet is hard to quantify. Deploying cyber security tools won’t deliver demonstrable savings against current benchmarks either. The ROI comes from preventing direct revenue losses from a cyber attack and adding the costs of repairing disrupted business operations and reputations.

Attacks use the base layer of all networks

There are numerous attack vectors for the cyber criminal to choose from, and a concerted attack against a financial institution will usually feature a blend of tactics, for example:

• Phishing – often targeting particular employees, a technique known as spear-phishing
• Malware installation – gaining control of PCs and servers and installing malicious software.
• Data exfiltration – pushing stolen data out of the organisation by disguising it as legitimate data packets.

One common factor among these types of attack (and others) is that they rely heavily on accessing the target’s DNS system to be effective.

DNS servers translate internet addresses from readable links to the underlying numerical addresses that show their real locations. Because DNS packets are vital to the day-to-day operation of networks they are often allowed through firewalls and other defence mechanisms.

See threats at a glance

While cyber threats take advantage of this, so do Nominet’s cyber security tools, analysing DNS traffic to detect and block these threats, and more. This forms a barrier at the lowest level that prevents both known and unknown threats from breaching your network.

For a visual interpretation of the cyber threats and damage that financial services organisations face, and how Nominet can help you, take a look at our easy-to-digest infographic. Perfect for helping colleagues understand the nature and scope of cyber risks.