Over the past few years, financial firms have been investing more to protect themselves from cyberattacks, with a 15% increase in 2020. But with the rapid digitization of the industry and the ever-changing tactics of criminals, they may still be more vulnerable than ever.

Financial advisors face an unprecedented threat from hackers exploiting the uncertainty around COVID-19 and the added challenges of remote working. These attackers are launching phishing schemes, ransomware, trojans, backdoors and other attacks. Ransomware attacks alone increased by 485% last year, according to a report by Bitdefender.

With the stimulus payment rollout and the extended tax season, opportunities for hackers to target financial advisors have multiplied. Since few people know what a message from the IRS about a stimulus payment should look like, it’s easier than ever for scammers to concoct something plausible enough to fool a busy advisor into clicking on a malicious link.

The costs for that mistake can be substantial. The average payout by victims of ransomware—which scrambles systems until the attackers are paid to release them—increased from $115,000 in 2019 to $312,000 in 2020, according to the Ransomware Threat Report. The highest ransom demand last year was $30 million. But for financial firms, the headlines that accompany a breach can be even more damaging.

Customers factor trust into their choice of bank, accountant or financial advisor much more than they do for other companies. The perception that a financial firm is reckless in its handling of data can seriously dent that trust.

Advisors are susceptible to hacks primarily through relationships to third-party vendors, phishing scams, and unsecured processes and devices. Here are the key ways advisors at large and small firms are vulnerable to attacks and how they can protect themselves.

Large Firms: Innovation Adds New Risks
The way major finance and accounting firms operate has been transformed by digital technologies in the past few years. Advisors at these companies rely on a host of software from third-party vendors, even if they may not realize it. Attacks on what’s known as the software supply chain are rising as they enable hackers to access a large number of organizations at once. A recent hack of Microsoft’s Exchange Server email system potentially affected more than 30,000 organizations in the U.S. and countless more around the world.

IT teams need to increase their visibility into their vendors’ security controls by asking tough questions. Vendors should provide end-to-end data encryption, which protects data while it is stored on servers and while it is in transit between the server and the user. It is also essential to know where data will be housed and what backups are in place to enable swift recovery of data in the event that a ransomware attack on the main database is successful.
 
Cyberattacks are now so prevalent that many experts advise larger companies to adopt a “zero trust” policy. This security architecture assumes attackers are already inside an organization’s network. It demands robust identity management and employs sophisticated network monitoring technologies to analyze user behavior and flag unusual data requests.

This approach also limits damage from a successful attack by encrypting data and allowing users to only access the specific data stores they require to do their jobs. Deploying proper backup and business continuity solutions will also help companies recover quickly after a successful ransomware attack.
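
An added example (not from the article or any vendor product) of the two controls described above: deny-by-default access to specific data stores, and flagging of unusual data requests. The user names, store names, baselines, threshold and log entries are all constructed for illustration.

```python
from collections import Counter

# Constructed policy: each user may read only the data stores the job requires.
ALLOWED_STORES = {
    "advisor_ana": {"client_portfolios"},
    "tax_prep_raj": {"tax_documents"},
    "ops_lee": {"client_portfolios", "tax_documents", "billing"},
}

# Constructed baseline: typical number of records each user requests per day.
DAILY_BASELINE = {"advisor_ana": 40, "tax_prep_raj": 25, "ops_lee": 60}
VOLUME_FACTOR = 5  # assumed threshold: flag a day above 5x the baseline

# Constructed access log: (day, user, data store, records requested)
ACCESS_LOG = [
    ("2021-04-12", "advisor_ana", "client_portfolios", 35),
    ("2021-04-12", "advisor_ana", "tax_documents", 3),
    ("2021-04-12", "tax_prep_raj", "tax_documents", 20),
    ("2021-04-12", "tax_prep_raj", "tax_documents", 400),
    ("2021-04-12", "temp_contractor", "billing", 1),
    ("2021-04-13", "ops_lee", "billing", 55),
]

def authorize(user, store):
    """Deny by default: unknown users and unlisted stores are refused."""
    return store in ALLOWED_STORES.get(user, set())

def review(log):
    """Return (denied, flagged): refused requests and unusual daily volumes."""
    denied = []
    served = Counter()
    for day, user, store, records in log:
        if authorize(user, store):
            served[(day, user)] += records
        else:
            denied.append((day, user, store))
    # A valid login pulling far more data than usual is still worth a look.
    flagged = sorted(
        (day, user, total)
        for (day, user), total in served.items()
        if total > VOLUME_FACTOR * DAILY_BASELINE[user]
    )
    return denied, flagged

if __name__ == "__main__":
    denied, flagged = review(ACCESS_LOG)
    for entry in denied:
        print("DENIED ", entry)
    for entry in flagged:
        print("UNUSUAL", entry)
```

The second check matters because the zero-trust assumption is that an attacker may already hold a legitimate account: the bulk request from an authorized user passes the access policy and is caught only by the volume review.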

 

For large companies, securing employee devices is a continuous struggle. During the pandemic, many firms have allowed advisors to work remotely, and this is likely to remain common even after companies return to the office. Staff working remotely often put data at risk by using unsecured Wi-Fi networks at home or in coffee shops. Deploying a virtual private network, which keeps data safe when staff are using such networks, is essential. Financial firms should also encrypt the hard drives on employees’ laptops to prevent unauthorized access to the data if the devices are lost or stolen.

Smaller Firms: Sophisticated Schemes and Human Error
Human error plays a crucial role in many attacks. It goes without saying that financial advisors handle huge amounts of incredibly sensitive information—exactly the kind of information that hackers want. While many companies take steps to guard that information while it is on their servers, many financial advisors fall into the trap of sending documents in non-secure ways to their clients, co-workers or partner organizations. While many—but by no means all—larger companies have systems in place to share documents securely, advisors in smaller firms are particularly likely to simply email a document to a client.

Email is not a secure form of communication. It is relatively easy for criminals to intercept and read the contents of emails in transit over the internet. Simply put, advisors should not share any financial information or documents unless they are encrypted. That includes email, in-office chat, and file-transfer programs. There are numerous services available that can encrypt emails and keep their contents private.

Incoming emails are also a threat source. Think phishing emails are obvious to spot? Not anymore. Threat actors have become adept at making them appear to be from a colleague, client or vendor. In a recent survey, a quarter of employees admitted clicking on a potentially malicious link, with around half saying they were distracted at the time.

Corporations employ sophisticated cybersecurity tools with filters that use artificial intelligence to flag or block potentially malicious messages. But smaller companies may not have the resources or expertise for this. Cybersecurity training for employees is a relatively inexpensive step smaller businesses can take to help users spot suspicious messages.

Cyberattacks are becoming more common and more expensive. The FTC has warned that cybercriminals are targeting groups affected by the pandemic. With financial advisors facing increased demands from their clients as a result of stimulus payments and more complex tax situations, they are a target. But, through a comprehensive and continuous approach to cybersecurity, the confidential data the public trusts financial firms to handle can be kept safe.

Ara Aslanian is CEO of Inverselogic, an IT services company, and reevert software. He is also an advisory board member of LA Cyber Lab.