Digital bank heists: Bonnie and Clyde would be hackers today
SECURITY INSIGHTS | 7 June 2021
Digitalization is creating new attack surfaces for cybercriminals and fraudsters in the financial industry. Banks have to continuously adapt to new attack vectors and methods to protect their digital assets.
Cybercriminals have targeted the financial industry for years: according to Boston Consulting Group (BCG), banks and financial services providers are attacked 300 times more frequently than other companies and Accenture projects cybercrime-related losses of approximately $347 billion for the global financial industry between 2019 and 2023. In its Risk Barometer for 2021, Allianz ranks cyber incidents as the biggest risk factor for the financial industry. This list can go on and on.
Criminals are where valuable assets are. The digitalization of finance has changed the playing field. Digital solutions for banking, payment transfer, asset investment, and much more have caused the number of vulnerable digital processes and valuable data sets to skyrocket. This is sparking interest among cybercriminals who sell data on financial services at top prices on the darknet.
The digital transformation is also taking place in crime. The number of classic bank robberies is continuously falling, but the number of virtual attacks is growing exponentially as the effort and risk involved become ever smaller. A DDoS attack is available on the darknet for as little as about $15. This lowers inhibitions and attracts many digital bank robbers. In the dangerous mix of script kiddies, politically motivated hacktivists, and state-sponsored cyberspies, cybercriminals pursuing monetary interests lead the field of attackers. According to Verizon, they alone are responsible for over 90 percent of all attacks on the financial industry.
At the beginning of 2021, a financial services provider from the German-speaking region received an anonymous ransom note demanding payment of a ransom of 10 Bitcoin (currently worth approx. €420,000). At the same time, an initial DDoS attack of 200 GBit/s was launched to demonstrate that the cyber extortionists were serious. If payment was not made, they threatened a huge attack employing up to 1 TBit/s of bandwidth – along with a higher ransom demand. Thanks to Myra Security’s certified Security-as-a-Service platform, both attacks were fully mitigated. There was no additional load on the financial services provider’s servers, and all outsourced services continued to run smoothly for its customers. The attackers then moved on to other targets. After-action reports in the industry show that vulnerable targets are attacked more often with the attackers likely to return and demand higher ransoms. They steer clear of protected infrastructure to protect their own resources, showing that preventive protection is worthwhile.
Just as banks secure their analog assets with armored vans, vaults, and professional security guards, a trusted partner with specialized expertise is needed to protect digital assets.
Specialist knowledge is also needed to ensure continuous availability, stability, data security, data integrity, and data protection in this sensitive environment. For this reason, the in-house operation of IT security involves a great deal of effort and related costs for hardware, software, and personnel.
Special service providers help to overcome this challenge by providing IT processes as outsourcing. The prerequisite is that the partner meets the high compliance requirements resulting from KWG, MaRisk, the BAIT, DORA (in the future), as well as the General Data Protection Regulation (GDPR) and the IT Security Act. They also apply to affiliated service providers. IT security at this level requires many years of industry expertise and the highest level of technological know-how.
Myra specializes in the protection of sensitive and critical infrastructure. Among others, the ECB, direct banks, savings banks, and the German government use the certified services of the German specialist provider.