CCG Insights

Banks & Finservs, Among Most Targeted Sectors by Hackers

  • Insight

Banks & Finservs, Among Most Targeted Sectors by Hackers

Will Citi's Accidental Digital Strategy Pay Off?

Hackers target Banks and Finservs the mostBanks and financial service organizations are among the most highly targeted segments by cybercriminals, receiving an average of almost a thousand attacks daily targeted at web apps, according to a new research report.

The study, “Web Application Attacks Statistics 2017,” from Framingham, Mass.-based enterprise security firm Positive Technologies, also saw an acute increase in cross-site scripting attacks against banking customers, wherein cybercriminals alter web page code.

The study described the chief tendencies, threats, and challenges related to web application attacks throughout 2017, in addition to outlooks for 2018. It also explained how weaknesses in web applications have allowed hackers to damage diplomatic relations, acquire patent lists from plastic surgery clinics, swipe huge sums from cryptocurrency exchanges, and execute other wide-ranging attacks.

The most common types of cyberattacks remained the same in 2017 as previous years, with cross-site scripting making up almost one-third of all incursions. Other prevalent attacks encompassed the capacity to gain access to data or execute commands on the server, including SQL injection, path traversal, local file inclusion, and remote code execution and OS commanding.

The most strongly targeted segments in 2017 were IT and finance (the latter including both financial institutions and e-procurement platforms), which had daily attack rates of 1,014 and 983 respectively. IT companies offer an appealing mark because of the passivity in penetrating a clients’ structure. The NotPetya ransomware outbreak, for example, started with an accounting software developer hack.

Web apps are a bank security weakness. Hackers, who can rip-off users of online banking or payment systems, continue to target bank sites to infiltrate inside and steal funds via banking systems.

Another dominant trend in 2017 was the boom in cryptocurrency and initial coin offerings. In most attacks on cryptocurrency exchanges and ICOs, hackers took advantage of poor web application safekeeping. Examples: attacks affecting CoinDash and Enigma Project, where hackers altered the cryptocurrency wallet address displayed on an ICO site so that investors would unknowingly transfer funds to an attacker-controlled wallet.

The report also mentioned government websites as a continuous mark for attackers in 2017, getting an average of 849 daily attacks per organization. Last February, hackers modified the websites of embassies and government authorities around the world to contaminate visitors’ computers with spyware. Later in the year, the site of the U.S. National Foreign Trade Council experienced a comparable occurrence.

Planting false news on normally reliable websites—such as the official page of a foreign ministry—can trigger scandals and international outrage. One such incident last year in Qatar made-up statements ascribed to the nation’s emir, leading to a diplomatic ruckus with other countries in the region. Hackers also seek the websites involved in presidential and parliamentary elections. The upcoming high-profile international event the 2018 World Cup, is likely to draw many attacks including denial-of-service and defacement attacks as well as incidents impacting users.

The report also described attacks on healthcare web applications, which on average received 731 attacks daily. In one incident involving a Lithuanian plastic surgery clinic, hackers published over 25,000 naked “before” and “after” photos of patients. The hackers demanded a ransom from both the clinic (EUR 344,000) and individual patients (up to EUR 2,000).

Get full access to this and other CCG Insights – Register Now

Already have an account? Log in

  • CCG Catalyst CCG Catalyst
  • June 12, 2018

You Might Like These, Too

Bank Fintech Fusion Podcast
Podcast

Tiana Brown of CCG Catalyst on the Business Process Assessment

The Financial Brand
Article

Fintechs Facing Bank-like Challenges as They Evolve Beyond Roots

Investment in Core Infrastructure
Tech Tuesday

Tech Tuesday: Investment in Core Infrastructure

Research-Snapshot-1-14-21
Research Snapshot

Next-Gen Core Systems Could Increase Speed to Market, Improve Efficiencies

Leaders in Bank Consulting

About CCG Catalyst
Latest Insights
CCG

PHOENIX • NEW YORK • LONDON • SINGAPORE

Phone: +1-480-744-2240  • Contact Us

© 2021 CCG CATALYST CONSULTING. Privacy Policy & Terms of Service.
Request a Call Back
Linkedin
Twitter
Subscribe
for Insights
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT
BANK
FINTECH
FUSION
  • About
  • Services
  • Insights
  • Fintech
  • Research
  • Contact
  • Press
  • Careers
  • Events
  • Terms
  • Privacy
Linkedin
Twitter