Attacks On Financial Services Are Increasingly Sophisticated

Uploaded on 2020-07-14 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Phishing attacks, in which carefully targeted digital messages are transmitted to fool people into clicking on a link that can then install malware or expose sensitive data, are becoming more sophisticated, but the other main reason UK businesses are ‘up at night’ in terms of cyber security is because of untrained and malicious users. 

IT security has become more highly prioritised by organisations, due in some cases to increased threats and in other cases, tougher legislation and cyber attacks were found to be the joint second most cited risk to the stability of the UK financial system in a recent survey by the Bank of England.

Maintaining organisational security against cyber threats is a unique challenge of trying to hit an always moving target with a Tool kit that’s trying to keep up. Cyber criminals are focused on the targeted game; identifying specific industry verticals, organisations, and even individuals, and devising tailored scams and attacks to maximise success.

In addition, there are notable increases in frequency, sophistication, and scope of ransomware, phishing, business email compromise, and malware attacks.
 
Ransomware has grown to include data theft and extortion to increase the chances of successful attack. The use of deepfake audio is now being used to trick users over the ‘phone, and attackers are no longer satisfied with raking in thousands of dollars when millions are plausible.

The challenge for Information Security leaders is to establish and maintain a layered security strategy that protects the organisation and its users. But the ever-changing landscape of threats, attacks, and malware has some of them deeply worried.

Ransomware, phishing, business email compromise, and malware attacks are becoming greater in frequency, sophistication and scope.

As for compliance with data and related security regulations, the survey of some 200 UK organisations found US-based regulations HIPAA and SOX that have both been around for decades appear to be as much an issue for UK firms as newer regulations, such as the 2018 GDPR Which is the EU-wide new data protection law.

Almost every initial attack vector, emails, links, attachments, webpages, requires the interaction of a user, whether malicious and either negligent or unwitting.

As the survey put it, the executive management of UK firms is more concerned with strategy and any business disruption that may keep those initiatives from succeeding, while IT professionals generally concern themselves with a more tactical perspective around keeping the business running; hence by and large, IT staff concerns are misaligned with those of their executives.

Bank of England:     Professional Security:     KnowB4:         ITProportal:

You Might Also Read: 

Financial Executives Are Out Of Touch With Cyber Threats:

 

« US Companies Hit With A New Ransomware Campaign
Australia To Spend Another A$1billion On Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

PETRAS IoT Hub

PETRAS IoT Hub

PETRAS is a consortium of 12 research institutions and the world’s largest socio-technical research centre focused on the future implementation of the IoT.

Gate 15

Gate 15

Gate 15 provide risk management services focusing primarily on information, intelligence and threat analysis, operational support and preparedness.

Array Networks

Array Networks

Array Networks, the network functions platform company, develops purpose-built systems for hosting virtual networking and security functions with guaranteed performance.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

MAD Security

MAD Security

MAD Security is a premier provider of information and cybersecurity solutions that combine technology, managed security services, support and training.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Connectria

Connectria

Connectria provides cloud hosting, remote monitoring, and compliant cloud security solutions and services to enterprises, medium and small businesses.

Shevirah

Shevirah

Shevirah specializes in products for automated mobile and IoT device vulnerability assessment, penetration testing, and mobile security awareness training.

Vizius Group

Vizius Group

The Vizius Group are a think tank of cybersecurity consultants who understand the mechanics and business value of risk reduction.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Alpha Mountain AI (alphaMountain)

Alpha Mountain AI (alphaMountain)

alphaMountain provides up-to-date domain and IP intelligence for cybersecurity investigational and protection platforms.

Verisign

Verisign

Verisign is a Global Leader in Domain Names & Internet Security, providing protection for websites and enterprises around the world.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.