Technology
Why Cybercriminals Favor the Financial Sector and how application security can help
Home > Technology > Why Cybercriminals Favor the Financial Sector and how application security can help
Global Banking & Finance Review®
Company
By Neatsun Ziv, CEO at Ox Security
In every organization with a profit-motive, the sectors, deals and verticals which you target will be determined by the associated gains they offer – ideally, with the least effort or resources utilized. In this respect, cybercriminals operate no differently from legitimate businesses. They will choose their targets based on the maximum gains available to them. This, in many cases, leads them directly to the financial sector. Financial services is an area of business which has been forced, by consumer habits and technological advancements, to digitally transform at speeds which vastly outstrip other industries. This, coupled with the obvious fact that there’s a sizable financial reward for hackers targeting financial institutions, has meant they remain firmly in the firing line.
Last year, the financial sector was the second most breached industry, experiencing 566 incidents primarily in the U.S., Argentina, Brazil, and China. These incidents resulted in over 254 million compromised records, highlighting significant vulnerabilities in cloud products and third-party software solutions used in banking. A notable example of third-party risks was the SolarWinds incident in 2020, where malicious software updates exposed numerous organizations, reflecting the extensive potential impact on the financial industry. Additionally, a 2023 ransomware attack on a cloud IT service provider caused significant disruptions for 60 U.S. credit unions, underscoring the systemic risks of third-party IT dependencies.
Code injection attacks pose another critical threat, where attackers introduce malicious code during software development or via compromised third-party libraries, potentially leading to major data breaches and unauthorized access. For instance, compromised development libraries have served as conduits for attackers to breach banking systems. Insider threats also remain a significant concern, as demonstrated by a 2019 incident where a former employee of a cloud service exploited a firewall misconfiguration to access sensitive data, showing how insider access and technical errors can result in severe data leaks.
These episodes highlight the pressing need for the banking sector to enhance transparency and strengthen security measures. Progressive banks are adopting automated security orchestration and automated incident response systems, which significantly decrease response times and reduce the scope for human error. However, To effectively mitigate these significant threats posed by third-party dependencies and breaches, financial institutions must also rigorously address vulnerabilities that arise during the software development process itself.
The banking sector often grapples with the challenge of fully securing applications, particularly due to the reliance on legacy systems and the complexity of integrating diverse technological solutions. This can sometimes lead to application security being somewhat overlooked, despite the heavy investments in broader cybersecurity measures. Rapid technological advancements necessitate continual updates to security practices, which may not always keep pace with the development of new banking applications. Moreover, the sector faces a critical shortage of cybersecurity professionals equipped to handle emerging threats, further complicating the effective management of application security.
To overcome the challenges in application security (AppSec) highlighted in the context of the banking sector, several strategic and operational measures can be implemented:
While implementing these recommendations are crucial, it is equally important that financial security leaders effectively communicate these actions to key stakeholders. They should articulate how these processes not only make security teams more responsive and effective but also increase the cost-effectiveness of the organization’s technology stack without sacrificing security. This also involves identifying tools with overlapping capabilities and refining security strategies to reduce both costs and risks. By taking such comprehensive approaches, financial institutions can significantly strengthen their application security frameworks, better protecting themselves against the evolving landscape of cyber threats.
Conversely however, an approach which aims to provide insights into your entire cloud infrastructure may provide answers which require more complex solutions. The key thing that financial institutions should turn to the security industry is visibility: If they have visibility into their cloud environment, they can work to better understand the blind spots where they might be vulnerable.
Application security refers to the measures taken to improve the security of an application by finding, fixing, and preventing security vulnerabilities. It encompasses the entire software development lifecycle.
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks typically aim to access, change, or destroy sensitive information.
A ransomware attack is a type of malicious software that encrypts a victim's files, demanding a ransom payment to restore access. It poses significant threats to organizations, especially in the financial sector.
Risk management involves identifying, assessing, and prioritizing risks followed by coordinated efforts to minimize, monitor, and control the probability or impact of unfortunate events.
Explore more articles in the Technology category
