In the wake of pandemic lockdowns, with more people working from home and using online services for the most basic activities, cybercriminals have swooped in to take advantage of those customers who are new to digital financial services or those just overwhelmed by changes.
And, as is often the case, the small- and mid-sized financial firms have faced perhaps the most difficult challenges compared with their larger financial services competitors. Cyberattacks on small- and mid-sized financial institutions were bad before, as the United States boasts thousands of smaller financial firms. But the recent onslaught of attacks from Russia, in the wake of its real-world attacks on Ukraine, has increased the potential threats to the decentralized U.S. financial system.
Smaller U.S. financial institutions face potential loss through “data leakage,” as well as ongoing operational availability challenges, according to firms including Coro, which offers cyber-support to enterprise customers.
No one is exempt from cyberattacks. Coro executive Dror Liwer offered a recent experience where a local northern California television station, with which Coro worked, received an online p2p transaction for $3,500. While the customer in question made it clear that this was not a legitimate transaction, the transaction may have passed through, at least initially, due to the financial institution’s desire to accept transactions and not create more issues for their customers.
While much of the transaction volume and account dollars are focused within the top five banks in the United States, there are thousands of smaller banks, credit unions and investment firms managing accounts for customers throughout the country. These smaller financial firms are rapidly becoming targets for cyberattacks as they often boast broad customer data and accounts, and do not have as many protections in place as larger financial institutions, meaning bad actors can collect a large payday without as much of a potential challenge to their attack.
Financial institutions experienced a more than 1,300% increase in ransomware attacks in the first half of 2021, compared with the first half of 2020, according to Trend Micro. Worldwide, financial firms that had a data breach reported losing an average of $4.2 million from data breach attacks, according to a May 2021 report by CyberRisk Alliance.
Banks, in general, have more to lose when it comes to a breach than other businesses. A retailer might have fines to pay and lawsuits to fight; a bank, however, has fines, lawsuits, and might lose its banking license. There’s higher regulatory scrutiny from the federal and state levels. Due to the sensitivity banks have around money, in general, the reputational and customer retention damage is much greater.
“In general, we’re seeing a massive shift from the attackers’ perspective,” said Liwer, adding that more sophisticated and complex attacks have become “commoditized” as bad actors are selling these attack vectors online on the dark web. “Even the less sophisticated attackers can ‘rent an attack’ through these ‘cybercrime-as-a-service’ options,” said Liwer. Now that it’s accessible and cheaper, the barrier to entry is lower, and more attackers can go after small- or mid-sized financial institutions.
Given their challenges, industry experts like Liwer recommend that small- and mid-sized financial firms should better shore up their cyber protections and their protective measures in the physical world.
“Attacks on smaller banks are simpler and easier and cheaper to make,” Liwer said.
Attacks on small and mid-sized financial institutions may not get as much play in the media, as they are not as well known or established. Banks have seen a 117% increase in targeted attacks lately.