Data Driven Futures

FS firms 'at higher risk of cyber attack'

Written by Hannah McGrath

Financial services firms are at higher risk of hacking attempts and cybersecurity breaches than other industries, according to a new report.

An analysis of security data from 225 financial services customers compiled by mobile security firm Wandera over a six month period found a higher volume of phishing attacks than peers outside the vertical, with 57 per cent of financial services firms in the study hit by this kind of attack compared to 42 per cent across industries.

Hackers use phishing attacks to extract personal details, passwords or information from an account by masquerading as a trusted actor, leading the victim to open an email, text or other form of communication.

The study, which comprised data from companies with 50,000 devices collectively under management, also reported 4.7 million cybersecurity 'events' across the subset of devices analysedd, averaging around 21,000 events per organisation on mobile devices alone.

Financial services was also found to be at a higher risk of so-called man-in-the-middle attacks, whereby a hacker intercepts communications between two parties and alters or manipulates the content to make the parties believe they are directly communicating with one another.

Financial services firms were found to be 36 per cent more at risk of this form of attack, compared to 24 per cent across other sectors, which the study suggested might be due to higher than normal travel activity and public Wi-Fi usage to carry out financial services communications.

The report also included a warning over the importance of lock screens on mobile devices to protect sensitive information, after the data showed that for every 20 people in financial services, one individual was working with their lock screen disabled.

However, when it comes to cryptojacking attacks, where a victim’s device or computer is used by an unauthorised entity to mine cryptocurrency, financial services employees appear to use devices more responsibly than other industries, with the impact for financial services found to be one per cent compared to 2.65 per cent across industries.

In addition, more users in financial services maintain their devices with the latest operating system and security patches, suggesting that the industry is gradually catching up with the threats posed by cyber attackers.

Michael Covington, vice president of product strategy at Wandera said: “In the financial services industry, as in many sectors, the security of client information is the most important asset, so it’s disconcerting to find mobile security still an afterthought.”

“Financial organisations are struggling to keep pace with increasing regulations, rapid cloud migrations and rampant BYOD [bring your own device] adoption, among other emerging technology trends, making it crucial that industry security pros work to secure not just the devices, but also the apps installed on them and the data they access.”