More than 200 million financial services records were breached in 2016, representing a 937% percent increase over the previous year, according to data from IBM.
The monetary gains associated with corporate and customer data available throughout the financial sector proved appetising to cybercriminals in a year which saw hackers switch their focus away from the healthcare and retail sectors to go straight to the source.
The data from IBM’s X-Force Research team revealed the financial services industry was attacked more than any other industry in 2016 – 65% more than the average organisation across all industries.
As a result, the number of financial services records breached skyrocketed 937 percent in 2016 to more than 200 million.
In total, financial institutions were forced to defend against a 29% increase in the number of attacks from 2015. Intruders concentrated their activity on the weakest link in the security chain, hitting employee machines with wave after wave of phishing campaigns in an attempt to plant malware. These insider attacks were the genesis of 58% of the breaches tracked by IBM.
A new report by Verizon which examined 2000 breaches at major organisations found malware and phishing were the go to techniques favoured by cyber-criminals.
“Cyber-attacks targeting the human factor are still a major issue,” says Bryan Sartin, executive director, global security services, Verizon Enterprise Solutions. “Cybercriminals concentrate on four key drivers of human behavior to encourage individuals to disclose information: eagerness, distraction, curiosity and uncertainty. And as our report shows, it is working.”
To mitigate against the threat, IBM recommends that all banks conduct regular staff awareness training and employ strong data access and governance principles, augmented by a multi-layered approach to fraud detection.