Financial institutions may seem to be catching a break with cyberattacks decreasing overall, but a new report reveals a chilling truth - criminals are getting smarter and they're exploiting existing user accounts. Strong identity management is critical to stopping them.
Financial institutions are no strangers to cyberattacks, but a new report reveals a worrying trend: criminals are increasingly targeting them using existing user accounts and emerging technologies. A report, compiled by industry experts, analysed over 150 billion security events globally. It found that finance and insurance were the second-most attacked sectors in 2023, although the overall percentage of attacks on this industry has decreased slightly compared to previous years.
This decrease might seem like good news, but there's a concerning shift in tactics. Criminals are exploiting weaknesses in identity management. Instead of brute-force hacking, they're finding ways to steal or manipulate legitimate login credentials to gain access to systems.
"The biggest security problem boils down to the basics," explains a report author. "Criminals are using identities to compromise companies, and this problem will likely worsen as they leverage AI to automate these attacks."
While these tactics may seem less flashy than AI-powered assaults, they highlight a crucial vulnerability. Organisations need to prioritise stronger password policies, compromised credential screening, and other measures to protect user identities.
Here are some key takeaways from the report:
- Finance and insurance were the second-most attacked sectors globally in 2023 (18.2%).
- Phishing and stolen credentials are the top infection vectors for these attacks.
- Extortion is the most common impact observed, followed by botnets and credential harvesting.
- Stronger identity management is crucial to combat this evolving threat.
Read the full report: IBM X-Force Threat Intelligence Index 2024 https://www.ibm.com/reports/threat-intelligence
Published in FinTech Magazine by Tom Chapman, February 22, 2024. https://fintechmagazine.com/fraud-id-verification/ibm-cyber-impact-on-finance-insurance