How Financial Services Companies Can Win the Fight for Cybersecurity
FTI Consulting is a leading provider of proactive, independent cybersecurity and risk management advisory services and reactive investigative services for cyber incidents.
The potential financial impact of a global cyberattack today is on par with that of major natural disasters. Financial institutions have historically been targets of cyber criminal actors looking to steal money, client information and proprietary company data. These attacks have typically targeted customers, but alarmingly, since 2016, there has been an increase in campaigns aimed at breaching financial institutions directly.
Today’s cyber threat landscape is ever-evolving, with increasingly advanced tactics. While most large banks are well prepared for the threats that come from hackers trying to steal credit card information from customers and compromise ATMs or credit card processing machines, they are less equipped to defend against the aggressive malware and ransomware we’re seeing used today. In recent years, a wave of state-sponsored and highly sophisticated threat actors carried out attacks that resulted in high-value bank heists, major internet disruptions and compromise of vast amounts of sensitive data:
- An $81 million heist last year at Bangladesh Central Bank involved manipulation of the bank’s SWIFT accounts, the international money transfer system used between banks, demonstrating that hackers are motivated to attack the financial services industry on a range of fronts.
- This year, cyber campaigns also evolved to use advanced weaponized exploits against public and private institutions, including the use of allegedly stolen exploits to spread WannaCry and Petya malware around the world.