Over the past few years, financial firms have been investing more to protect themselves from cyberattack, with a 15% increase in 2020. But with the rapid digitization of the industry and the ever-changing tactics of criminals, they may still be more vulnerable than ever.

Financial advisors face an unprecedented threat from hackers exploiting the uncertainty around COVID-19 and the added challenges of remote working. They are launching phishing schemes, ransomware, trojans, backdoors and other attacks. Ransomware attacks alone increased by 485% last year, according to a report by Bitdefender.

With the stimulus payment rollout and the extended tax season, opportunities for hackers to target financial advisors have multiplied. Since few people know what a message from the IRS about a stimulus payment should look like, it’s easier than ever for scammers to concoct something plausible enough to fool a busy advisor into clicking on a malicious link.

The costs for that mistake can be substantial. The average payout by victims of ransomware—which scrambles systems until the attackers are paid to release them—increased from $115,000 in 2019 to $312,000 in 2020, according to the Ransomware Threat Report. The highest ransom demand last year was $30 million. But for financial firms, the headlines that accompany a breach can be even more damaging.

Customers factor trust into their choice of bank, accountant or financial advisor much more than they do for other companies. The perception that a financial firm is reckless in its handling of data can seriously dent that trust.

Advisors are susceptible to hacks primarily through relationships to third-party vendors, phishing scams, and unsecured processes and devices. Here are the key ways advisors at large and small firms are vulnerable to attacks and how they can protect themselves.

Large Firms: Innovation Adds New Risks
The way major finance and accounting firms operate has been transformed by digital technologies in the past few years. Advisors at these companies rely on a host of software from third-party vendors, even if they may not realize it. Attacks on what’s known as the software supply chain are rising as they enable hackers to access a large number of organizations at once. A recent hack of Microsoft’s Exchange Server email system potentially affected more than 30,000 organizations in the U.S and countless more around the world.

IT teams need to increase their visibility into their vendors’ security controls by asking tough questions. Vendors should provide end-to-end data encryption, which protects it while stored on servers and in transit between the server and user. It is also essential to know where data will be housed and what backups are in place to enable swift recovery of data in the event a ransomware attack on the main database is successful.
 
Cyberattacks are now so prevalent that many experts advise larger companies to adopt a “zero trust” policy. This security architecture assumes attackers are already inside an organization’s network. It demands robust identity management and employs sophisticated network monitoring technologies to analyze user behavior and flag unusual data requests.

This approach also limits damage from a successful attack by encrypting data and allowing users to only access the specific data stores they require to do their jobs. Deploying proper backup and business continuity solutions will also help companies recover quickly after a successful ransomware attack.

First « 1 2 » Next