Global financial services businesses 300% more likely to face cyber security incidents, report says

Global financial services businesses encounter security incidents 300% more frequently than other industries, according to a report released on Tuesday by Raytheon | Websense, a company that helps protect organizations from cyber attacks and data theft.

The 2015 Financial Services Drill-Down Report found “a high degree of specialization among criminals attacking financial services, a huge investment in the lure attack phase and the specific and anomalous attacks pointed at global targets dealing in finance.”

“For years, this industry has been under attack by highly specialized groups of criminals,” said Carl Leonard, Websense principal security analyst, in the release. “By analyzing the actions and attack patterns prominent and anomalous to this industry, we can share this knowledge to more effectively protect our customers’ data and assets.”

The report noted that the banking/financial sector – which includes the capital and equity markets – is the source of “almost all capital flows upon which societies and business activities around the world depend. And because the free flow of capital is crucial for both the financial system and the financial industry to function properly, trillions of dollars must be in motion every day,” the report said. “The potential damage and disruption to these markets from a successful data breach is almost incalculable, but includes loss of revenue and consumer confidence, reduced profitability, reputational damage, higher debt levels and currency devaluations, among other risks.” [click image below to enlarge]

The report found that 33% of all “lure stage” attacks target financial services; hackers are spending a “huge amount of resources targeting financial services with a disproportionate amount of reconnaissance and lures,” the release said.

Not surprisingly, credential stealing and data theft are the primary objective of criminals, the report said, with researchers noting that, when analyzing the top threats facing this industry, most had some data and credential-stealing elements. For example, the Geodo malware, with its own credential-stealing email worm, is seen 400% more often in finance than other industries.

In general, “obfuscation and search engine optimization poisoning continue to be more prevalent in attacks against financial services than other industries as a whole.” In addition, cybercriminals maintain a constant barrage of low-level attacks to keep security pros occupied dealing with a tremendous volume of background noise while targeted attacks are simultaneously occurring, the report found.