Banks Under Constant Hacker Attacks
It makes sense that hackers would go after banks. When you're looking to steal as much money as you can, as quickly as possible, why not go where the money is?
But the effort that hackers expend to break into financial institutions' computer systems every day is pretty staggering, according to a new report from information security firm Websense. The report found that companies in the finance sector encounter "security incidents" 300% more often than other industries.
"The financial services sector has been targeted for years now, as you know, and they do have more mature security practices than other industries," says Rajiv Motwani, director of security research at Websense Security Labs. "But still, they're a very lucrative target for attackers, and the numbers speak for themselves."
Searching for weakness
There's a surprising amount of preparation that goes into a successful cyberattack. Typically, criminals start by researching the company they're trying to breach -- learning employees' names, email addresses and roles within the company.
After that, the next step is what Motwani calls the "lure stage." That's where hackers try to fool employees into accidentally opening up a hole in their company's cyber defenses by, for instance, clicking a link or double clicking a virus-filled attachment in an email.
Last year alone, Websense recorded 4.9 million different "lure" attempts against financial institutions worldwide, representing a third of all lure attempts worldwide, according to the Websense report.
"Hackers are investing disproportionately in terms of financial services victims," Motwani says.
Why you should care
With this much attention from hackers, it's inevitable that some attempts will succeed, threatening customer privacy and financial assets, Motwani says. While customer funds lost because of security breaches are typically restored, it can take time for a bank to investigate and put money back in your account.
But even if your account or financial institution is never breached, you still pay a cost for cyberattacks. Keeping hackers at bay is extremely expensive -- banks can spend as much as $2,500 per employee on cybersecurity annually, according to a report from PricewaterhouseCoopers. Financial institutions also typically carry cybersecurity insurance to cover losses from hackers.
The money to pay for that doesn't materialize out of thin air -- those costs end up being reflected in higher fees for checking accounts and other bank services.
"It is more expensive today to maintain a higher security posture for banks," Motwani says. "Clearly somebody's paying the cost."
Of course, more than your money is at risk during a cyberattack. Hackers could take your personal information, too, and use it to compromise your credit.
Bankrate: http://http://bit.ly/1LR13aP