
Financial firms falling further behind in breach battle

Participants review lines of code on a laptop on the first day of the 28th Chaos Communication Congress (28C3) computer hacker conference on Dec. 27, 2011, in Berlin. (Photo by Adam Berry/Getty Images)

In the past two years, pandemic-related branch closures and lockdowns, as well as a general focus on doing virtually everything remotely, have boosted digital banking, even among tech laggards. But they have also increased the target size for bad actors — and banks can’t keep up.

Ransomware attacks on the banking industry alone have increased by more than 1,300% in the first half of this year, according to research from Trend Micro. And, perhaps more troubling, a study released Wednesday by Samsung found that more than three-quarters (77%) of financial industry decision-makers are concerned that cybercriminals “are a step ahead of their institutions.”

“Financial Institutions must take cybersecurity risks extremely seriously due to the sensitive nature of the data and personal information they have access to,” said John Curtis, vice president and general manager for B2B Mobile at Samsung Electronics America, commenting on his company’s first "Future of Mobility: Finance and Banking Report." “A hack not only severely impacts stakeholder trust but can have a very tangible impact on the well-being of customers and their life savings.”

Already on the rapid rise, online and mobile banking (and related digital financial services) got a big bump from the pandemic, which forced many people to embrace digital since branches were closed — and made these delivery channels a more appealing target for cybercriminals. In recent months, 44% of retail banking customers are using their banking applications more often, and there has been a 117% growth in business-based mobile remote deposit, according to Deloitte.

Satya Gupta, co-founder of cybersecurity firm Virsec, said that financial services institutions (FSIs) are largely in what he calls the “late majority” category. “They continue to pin their trust in Exploit Detection and Response (EDR) cybersecurity solutions that routinely get bypassed by sophisticated attackers,” Gupta said. “What makes matters worse is that [financial industry] victims are often flushed with funds and have no difficulty in paying out unprecedented ransom. As we can well imagine, this is leading to a feeding frenzy.”

But there’s a bit of a disconnect for FSIs in how they view their cybersecurity preparedness, and managers view IT security differently than employees do, according to the Samsung report findings. Marc Gaffan, CEO of endpoint isolation provider Hysolate, said that this could relate to the fact that “corporate insiders are always a potential threat to organizations and specifically to financial institutions that have sensitive customer data exposed to their employees.”

“This has become even more of an issue with COVID-19 induced work-from-home situation,” Gaffan added. “With bank employees working from home, data is more likely to be accessed from their personal devices and remain on them.”

Peter Bookman, CEO and founder for, said he believed that “the concern that hackers are staying a step ahead of FSIs is an understatement. Financial firms are a prime target, and in many cases not staying current on yesterday’s technology approaches. New tools that utilize machine learning and AI can learn and keep pace will be key, automatic response, along with implementing strong cybersecurity policies and hygiene practices are all key investments to make to defend against cyberattacks.”

More than four out of five (83%) of IT decision-makers at financial firms believe that their organizations are “leaders in the field” as far as IT security is concerned, and yet three out of five (60%) are “not confident that their security technology will protect them,” according to the Samsung report. And more than three-quarters (75%) of financial industry IT decision-makers fear that cyberattackers are a step ahead. (Meanwhile, only two out of five financial industry employees, 40%, have similar concerns.) More than seven out of 10 IT decision-makers (71%) are worried about employee inattentiveness or failure to follow best practices for security.

But as financial industry leadership passes the baton to the younger generation, this view of and approach to FSI cybersecurity may shift as well. Millennial and GenZ-aged IT decision-makers are far more passionate about mobile security solutions, for example, while nearly three-quarters (74%) are worried there will be resistance in the organization to trying new things, according to the Samsung report. (Meanwhile, only 54% of GenX/Boomer IT security professionals have the same concerns.)

More findings from the Samsung report

Training. The 2021 Future of Mobility: Finance and Banking Report revealed that disengagement from employees is the weak link in banks’ cybersecurity defenses. While the majority of IT managers worry about company/customer data due to remote work, only 6% of employees do. Proper training helps employees understand the important role they play in safeguarding data and keeps them a front-line defense for company security. However, companies need to step up their current programs — 70% of ITDMs worry there’s not enough security training. Companies may also want to consider regular penetration tests to identify weaknesses and help employees stay alert.

Technology. Hackers are continually evolving their approach, so it’s critical to stay up-to-date on the latest security technology with the strongest defenses. For example, our Knox solution is the defense-grade and best-in-class security built into all our latest devices. Every Knox device is built from the hardware chip up to isolate, encrypt, and secure data — including confidential files, credit card transactions and passwords.

Governance and oversight. Organizations need to carefully consider regulatory requirements, particularly within mobile devices. Apps should be encrypted and have robust access control measures in place. The entire data lifecycle should be monitored, ensuring unnecessary files are deleted when no longer relevant and the most sensitive data receives extra care. For example, banks should use software on their employees’ devices to isolate the most critical data through a separate operating system, ensuring the data is never exposed to the standard OS or public apps. Additionally, OTT updates should be regularly released to patch bugs and match the latest in security standards.

- John Curtis, vice president and general manager, B2B Mobile at Samsung Electronics America
