Finance Tops the List of Most Breached Industries

Although businesses may have bolstered their defenses against direct cyberattacks, 2023 highlighted that a company’s security is only as robust as that of its ecosystem and partners. The predominant issue in 2023 was third-party risk, which encompasses risks from external entities within an organization’s ecosystem or supply chain. This concern was underscored by the significant impact of the CLOP ransomware gang’s exploitation of the MOVEit Transfer vulnerability, alongside the surge in social engineering attacks such as business email compromise (BEC).

Cybercriminals are drawn to the financial sector not only for immediate monetary gains but also because of the vast amounts of sensitive customer information it holds. The rise in data breaches in 2023 is largely attributed to CLOP ransomware activities affecting small to mid-sized regional banks. Additionally, in multiple instances financial institutions were compromised through third parties that fell victim to CLOP, leading to customer data exposure on victim-shaming sites. These incidents highlight the vulnerabilities in organizational interdependence and the critical nature of third-party risk. Financial services firms have experienced a 65% increase in web application attacks, with LFI (local file inclusion) as the leading attack vector. Finally, Distributed Denial of Service (DDoS) attacks in financial services have surpassed gaming, making it the most targeted industry by this type of attack.

Moreover, the professional services sector climbed from the fifth to the third most targeted industry in 2023. This increase is likely due to the persistent rise in BEC cases, which have significantly impacted this sector, especially legal firms targeted by the BLACKCAT ransomware gang. From Q1 to Q3 of 2023, a 21% increase in BEC attacks was reported.

The Finance Sector Overtakes Healthcare for Most Breached Industry

Finance was the most breached industry in 2023, accounting for 27% of breaches, compared to 19% in 2022. Healthcare, which topped the list in 2022, dropped to second place, yet still accounted for 20% of breaches compared to 22% in 2022. The ten most breached industries in 2023 were as follows:

  • Finance
  • Healthcare
  • Professional Services
  • Retail
  • Industrial Services
  • Technology
  • Education
  • Manufacturing
  • Government
  • Insurance

How Cybercriminals Attack Financial Services Firms

Below are the top types of attacks faced by financial institutions:

  • LFI Ranked as Top Web Application Attack: Local file inclusion (LFI) attacks are now one of the leading web attack methods and have surged in the financial sector, increasing by 53%. This flaw lets attackers make a web application include or expose files from the server through requests sent via the web browser. Typically, it occurs when web applications allow users to input filenames or file paths, which are then used directly to retrieve files from the server’s filesystem. A successful LFI attack can result in unauthorized access to personal data, financial records, and transaction details, potentially leading to data breaches and the theft of confidential information.
  • Distributed Denial of Service (DDoS) Attacks Increasing in Europe: DDoS attacks have surged by 63.5% in the European region, more than doubling the number of attacks compared to the next leading region. DDoS attacks present a serious threat to financial services globally by disrupting the availability of services to legitimate users. For financial services, this disruption can cause lost revenue, customer dissatisfaction, and harm to brand reputation.
  • Malware/Ransomware Challenges: The recent vulnerability exploited by the CLOP group has led to numerous leaks of customer personally identifiable information (PII), including a significant Social Security data breach at a U.S. bank. Malware and ransomware are typically crafted to steal sensitive financial data, login credentials, or PII, enable fraudulent transactions, or disrupt banking services. Ransomware, in particular, encrypts files or locks users out of their systems, demanding a ransom payment to restore access.
  • Insider Threat Increasing with Business Email Compromise: BEC attacks within the financial services sector have risen by 21%. Cybercriminals utilize social engineering and malware to infiltrate legitimate business email accounts. Once access is gained, they send deceptive emails to trick recipients into transferring funds to unauthorized accounts. Weak authentication mechanisms and inadequate access controls can lead to unauthorized access to email accounts, enabling attackers to compromise user credentials and obtain sensitive information.
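The LFI pattern described in the first item above (a user-supplied filename used directly to read from the server's filesystem), next to a hardened resolver. This is an added example, not code from the original article; the function names, directory layout and file contents are constructed for illustration, and it assumes a POSIX filesystem where symlinks can be created.

```python
import os
import tempfile
from pathlib import Path


def resolve_naive(base_dir, user_path):
    """Vulnerable pattern: the user-supplied path is used directly."""
    return Path(os.path.join(base_dir, user_path))


def resolve_safe(base_dir, user_path):
    """Return the real path of a regular file under base_dir, else None."""
    if not user_path or "\x00" in user_path:
        return None
    base = Path(base_dir).resolve()
    # resolve() collapses ".." and follows symlinks, so the containment
    # check runs against the file that would really be opened.
    candidate = (base / user_path).resolve()
    if os.path.commonpath([base, candidate]) != str(base):
        return None
    return candidate if candidate.is_file() else None


def demo():
    """Map each constructed request to (naive_leaks, safe_serves)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp).resolve()
        docs = root / "statements"          # the only directory meant to be served
        docs.mkdir()
        (docs / "2023-q1.txt").write_text("constructed statement")
        secret = root / "app.conf"          # lives outside the served directory
        secret.write_text("db_password=constructed")
        (docs / "link.txt").symlink_to(secret)
        requests = {
            "plain": "2023-q1.txt",
            "traversal": "../app.conf",
            "absolute": str(secret),
            "symlink": "link.txt",
            "missing": "missing.txt",
        }
        for label, req in requests.items():
            naive = resolve_naive(docs, req).resolve()
            leaks = naive.is_file() and docs not in naive.parents
            results[label] = (leaks, resolve_safe(docs, req) is not None)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

The containment check is done on the resolved path rather than on the raw string, which is why the symlink and absolute-path requests are rejected along with the `..` traversal.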

Conclusion

The financial services sector is the most targeted by cybercriminals; in the words of Willie Sutton, “Because that’s where the money is.” We can defeat cybercriminals by focusing on where and how they attack, and by implementing a holistic cybersecurity strategy that addresses these types of attacks proactively.

How Adtech Can Help

We support our clients with a complete set of IT services that include those specific to maintaining the highest levels of cybersecurity:

  • Managed Security Services
  • A 24/7 Security Operations Center
  • Penetration Testing
  • Digital Forensic Services
