November 18, 2022

5 types of cyberattacks that Banks and Fintechs suffered in the last year

Threats to cybersecurity have only increased due to the accelerating digitalization of our lives during the COVID-19 pandemic and, more recently, the invasion of Ukraine. According to Data 101, cyberattacks have increased by 253% since the war began.

According to Cybersecurity Ventures, a publication specialized in cybersecurity, international cybercrime stole nearly 5 billion euros in 2021.

What are the most common types of cyberattacks, and what are the keys to preventing them?

 

🎣 Social engineering

Social engineering is the tool par excellence used by cybercriminals. The approach is manipulation and deception through different techniques that they employ against their victims.

Social engineering tactics include phishing, vishing and smishing.

Phishing works by tricking a user, for example through an email, into visiting a fake website where they are asked to enter their personal data.

The victim is not aware that they accessed a fake site and believes that they have sent their credentials to a secure site. In this way, the attacker makes use of the victim's data to then impersonate the victim and carry out criminal activities.

In vishing, a telephone call is used instead of an email: the caller impersonates one of the user's contacts and, again, gets them to hand over personal data that the cybercriminal will then use.

In smishing, a text message is used to deceive the user.

As we mentioned at the beginning, the cybercriminal employs different mechanisms that aim to make us fall into a trap. Victims open email attachments such as Word documents, PDF files, images, etc., thinking that they are harmless, but often the sender of that message is an attacker who is waiting for one of their victims to take the bait.

🐜 Supply chain attacks

These attacks are carried out by introducing malicious code into a product, taking advantage of insecure network protocols, unprotected server infrastructure, and insecure coding practices.

This code is then distributed to the community of users who download or use the product, website or application, and it spreads across the Internet, affecting thousands of users.

🕸️ Advanced Persistent Threats (APT)

This type of attack occurs when an unauthorized user enters a network and, circumventing security measures, remains there for a long period of time without being identified.

To carry out this type of attack, tools such as webshells are used. These are malicious programs that give remote control of the victim's computer, which can then be infected with malware, viruses, trojans, or any other type of malicious software that the cybercriminal deems necessary according to their objectives.

A peculiarity of this type of attack is that its activity can be mistaken for regular network traffic and go unnoticed in a company's infrastructure. Detecting it depends on how well protected the infrastructure is and on the security controls applied in the organization.

⛔ Denial of Service (DoS)

In this attack, a common target such as a web application is overloaded until the site collapses, which prevents users from accessing it. In the case of a bank, the site will not be available to users who want to access it.

There is also the DDoS attack, which stands for Distributed Denial of Service. Unlike a DoS, a DDoS attack is faster and more severe, causing significant outages in technology services.

🌩️ Cloud Attacks

This type of attack has grown at the same rate as the number of organizations migrating to the cloud. And although here I identify them as just another attack, they actually encompass the other types of threats mentioned above, only in this case they happen in the cloud.

It is true, though, that they are less frequent or more difficult to carry out, because the cloud is often more secure than an organization's own servers.

To protect themselves against these types of threats, cloud service providers have very robust physical and logical security.

But the cloud operates under the concept of “shared security”: the provider guarantees the physical security of its data centers, but the management and administration of the resources is the responsibility of the user/customer.

Security standards

There are different information security standards that organizations adopt and whose implementation they certify. An organization with a security certification conveys trust to its customers, in its corporate image and in its business.

One of the most important certifications we can find is ISO 27001.

Application of the ISO 27001 standard

It establishes guidelines for managing digital infrastructure, organizations' data, and security policies and procedures that apply to the entire company.

This is a standard that determines the requirements that must be met for the implementation, maintenance and continuous improvement of the Information Security Management System (ISMS).

Infocorp successfully completed the ISO 27001 certification in July of this year, 2022.

Internal training

Training is part of the ISO 27001 standard, and at Infocorp it is carried out for all employees, with courses where they learn not to fall into the traps of social engineering and, above all, to report any kind of anomaly in the behavior of the systems as soon as they detect it, such as too many transactions in a short period of time, transactions for higher amounts than usual, suspicious emails containing attachments of unknown origin, etc.
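The two transaction signals named above (too many transactions in a short period of time, and amounts higher than usual) can also be checked automatically. The sketch below is an added example, not Infocorp's code; the thresholds, account names and sample records are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from statistics import median

# Thresholds are assumptions for this sketch; tune them on real data.
WINDOW = timedelta(minutes=5)   # what counts as a "short period of time"
MAX_IN_WINDOW = 3               # more than this many in WINDOW is a burst
AMOUNT_FACTOR = 5               # "higher than usual": > 5x the account's median
MIN_HISTORY = 3                 # history needed before judging amounts

def find_anomalies(transactions):
    """Return (timestamp, account, reason) alerts for time-ordered transactions."""
    recent = defaultdict(deque)   # account -> timestamps still inside WINDOW
    history = defaultdict(list)   # account -> earlier amounts (the baseline)
    alerts = []
    for ts, account, amount in transactions:
        window = recent[account]
        window.append(ts)
        while ts - window[0] > WINDOW:      # drop timestamps older than WINDOW
            window.popleft()
        if len(window) > MAX_IN_WINDOW:
            alerts.append((ts, account, "velocity"))
        past = history[account]
        if len(past) >= MIN_HISTORY and amount > AMOUNT_FACTOR * median(past):
            alerts.append((ts, account, "amount"))
        else:
            past.append(amount)   # flagged outliers stay out of the baseline
    return alerts

def at(hhmmss):
    """Helper for the constructed sample: a time on one fixed day."""
    return datetime.fromisoformat("2022-11-18T" + hhmmss)

# Constructed sample data, not real transactions.
SAMPLE = [
    (at("09:00:00"), "ACC-1", 40.0),
    (at("11:30:00"), "ACC-1", 55.0),
    (at("14:10:00"), "ACC-1", 35.0),
    (at("14:12:00"), "ACC-2", 20.0),
    (at("16:00:00"), "ACC-1", 900.0),   # far above ACC-1's usual amounts
    (at("16:00:20"), "ACC-1", 30.0),
    (at("16:01:00"), "ACC-1", 45.0),
    (at("16:01:30"), "ACC-1", 50.0),    # 4th transaction within 5 minutes
]

if __name__ == "__main__":
    for ts, account, reason in find_anomalies(SAMPLE):
        print(ts.isoformat(), account, reason)
```

Alerts like these are a prompt for a person to review the activity; the per-account median keeps one customer's normal spending from setting the bar for another.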

Training for customers

At Infocorp, we also empower customers to be vigilant and to raise an alert about, or ignore, communications from their bank that they would not expect to receive.

We are working with our internal collaborators and with our clients on these three paths simultaneously to turn them into safer banks.

Because there is nothing more secure than banks and their digital channel providers working together.