Banks, Financial Sector Face Most Cyber Security Attacks, Obrela Report Reveals 

0 406

Obrela has revealed that banks and financial institutions continue to witness onslaught of cyberattack in its latest report.

The leading cyber security service provider in its 2023 global security landscape report noted that security landscape for the entire corporate ecosystem, covering industry-specific attacks as well as threat-specific attacks were key areas examined.

The report reveals that suspicious internal activity (35 per cent), malware (18 per cent) and security risks/policy violation cases were the most prevalent forms of attack in 2023, while banking, finance, the services sector and education faced the majority of attacks.

For instance, Obrela’s proprietary data shows the banking and finance sectors faced the most ‘reconnaissance’ attacks (a 37per cent increase compared to the same time last year).

Such reconnaissance attacks are used by cyber attackers to gather information about a target system, network or organization. The information is then used to identify vulnerabilities, understand the environment and plan subsequent attacks.

Active reconnaissance involves direct interaction with the target’s systems. Techniques can include scanning networks to discover open ports, running services, and identifying operating systems and network devices. Other methods might include sending emails with tracking pixels to determine active internal email addresses, or attempting to engage directly with employees to extract detailed information.

The financial sector also suffered one of the highest levels of malware attacks (a 26per cent year-on-year increase), while email attacks – such as fraud and phishing – affecting banking and finance most – increased by 43 per cent compared to 2022.

Despite advances in security technology, clearly human factors remain a critical vulnerability.

Phishing and social engineering attacks, for example, continue to evolve, exploiting psychological manipulation and sophisticated impersonation techniques to trick individuals into divulging sensitive information or accidentally installing malware.

Despite ever-evolving advancements in cybersecurity defences, basic attack methods such as phishing, malware and brute force attacks continue to be highly effective. These methods exploit human errors and vulnerabilities in systems that persist over time, making them reliable tools for attackers.

Advanced cyberattacks often require significant resources, including time, expertise, and money. Attackers conducting simpler attacks can achieve similar goals with a much lower investment, making these techniques more appealing, especially for targeting small to medium-sized organisations with less sophisticated defences.

VP MSS at Obrela, Dr. George Papamargaritis in a statement said, “To combat these evolving threats, the banking and financial sector must urgently adopt a multi-layered approach to cybersecurity, including advanced threat detection and response tools and cybersecurity awareness training for all staff.

“We recommend robust data backup and recovery plans, and a zero-trust architecture. Collaboration and information sharing between industries and governmental bodies are also crucial for staying ahead of emerging threats.”

George says that in its threat detection and response work throughout 2023, Obrela collected some 14.5 PBs of logs, through monitoring over 500K devices/ endpoints.

Of 1.6million triaged alerts, 31,500 cyberattack incidents were detected and foiled.

George added: “These figures underline what we are up against. As we move further into 2024, staying informed of the latest threats and continuously adapting cybersecurity strategies is evermore essential for protecting against this increasingly dynamic and sophisticated attack landscape.”