The financial industry was the target of the third-highest number of cyber attacks in 2019, according to Positive Technologies, a cyber security firm that serves a wide range of industries.
Government agencies and industry were first and second on the list of types of firms that were subject to technology breaches for the year. The financial industry tied with health care and science, and education for third place, Positive Technologies said in its report, Cybersecurity Threatscape 2019, which analyzed 1,500 cybersecurity attacks.
Each of the industries that placed third in cyber attacks accounted for 8% of the total. Financial services was in third place by itself in 2018 with 10% of the attacks, the report said.
The study was done before Covid-19 pushed people into working at home, a change that will make attacks surge in 2020, with health care probably moving up the scale, the report said.
“Criminals will always try to exploit the latest trends and anxieties for their own gains, and unfortunately the coronavirus is no different,” said Evgeny Gnedin, head of information security analytics at Positive Technologies. “This year, we expect to see a sharp increase in phishing attacks, as criminals exploit the population’s fear of the virus to convince people to click on web links or open attachments that install malware on computers so they can then steal information or even money.”
As large banks become better at protecting their data, criminals are moving to smaller banks, where security may not be as good, the report said.
Data theft, rather than the theft of money, more than doubled last year compared to 2018, accounting for 66% of the financial services attacks. Among all attacks on financial services firms, malicious software use as an attack method jumped from 58% in 2018 to 85% in 2019. Attacks such as convincing the victim to click on an infected web link increased from 49% in 2018 to 80% in 2019.
The use of ransomware by criminals is one of the biggest threats to companies worldwide. In 2019, ransomware accounted for 31% of all infections, and ransoms that were paid went into the hundreds of thousands of dollars.
“Towards the end of the year, Positive Technologies’ experts noticed a new trend—if the victim refused to pay, malware operators began threatening to disclose the data they copied,” the report said. “Positive Technologies expects a new wave of ransomware attacks in 2020.”
To help combat the growing number of cyber attacks, the cybersecurity firm advises scanning all email attachments with antivirus software, not opening unknown sites, and not downloading files from suspicious sites or unknown sources.
“Do not skimp on security,” Positive Technologies said. Also, back up critical files and use two-factor authentication where possible.
Improve security awareness among clients and educate them on what to do if they suspect fraud, the report said.