Financial services firms face an array of ongoing cyber threats to their critical assets. While banks, insurance companies, and others in the sector already have advanced security measures in place, they continue to be a target – and it only takes an overlooked vulnerability or a moment of letting your guard down for disaster to strike.
Just since the turn of the year:
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan reported a data breach that exposed 4.8 million customer records, names, birthdates, passport numbers, financial account information, and other extremely sensitive personally identifiable information.
Financial technology leader NCR Global suffered a data center outage due to a ransomware attack on its Aloha restaurant point-of-sale (POS) system. Such attacks can cause major financial losses for organizations due to disruptions in service. Further, the hackers claimed to have obtained credentials that could be used to access NCR customer networks.
More than a million invoices issued by customers of mobile fintech company NorthOne were exposed in a non-password-protected repository. The researcher who discovered the exposure called such records “a goldmine for criminals,” providing information useful for crafting convincing phishing and pretexting schemes.
International finance law firm Proskauer Rose suffered a breach of mergers and acquisitions (M&A) records in a cloud server left unsecured for six months. The files included financial documents, contracts, NDAs, and other materials relating to high-profile acquisitions.
Again: financial services firms are among the leaders in robust cybersecurity measures, yet they, too, can and do fall victim to threat actors in spite of their best efforts. As always, the question isn’t if, but when will they suffer a breach or a ransomware attack.
The best recourse for protecting the industry’s crown jewels is to prevent hackers from seeing them in the first place. That way, even if they manage to breach other parts of the enterprise network, they aren’t able to exploit what they can’t see. Network obfuscation is a proven strategy for cordoning off critical records and applications in an ultra-secure, off-the-grid digital environment in order to isolate them from attack.
To learn more about risks and costs of cyber threats in the financial services field and how network obfuscation can help, download the ebook: Financial Services at Cyber Risk: Protecting Critical Assets and Sensitive Customer Transactions Requires New Security Strategies.