Banks are the main targets of cyber attacks at Christmas

Banks are the main targets of cyber attacks at Christmas time according to the latest report on cybersecurity BDO one of the largest global professional services organizations that also indicates that banks have suffered 154 cyber attacks from 2015 to the third quarter of 2018

BDO's new report reveals that cybercriminals have abandoned their cryptocurrency targets after the incident last January and have re-launched attacks under the rescue and commercial email scheme, but armed with new tools and technological developments and an improved experience.

BDO warns that financial institutions are the main objective of cyber attacks at Christmas, due to the preference of cybercriminals to operate on holidays, so the Firm recommends strengthening cyber security on those dates.

According to BDO, financial institutions converge three key factors that make them the main targets of cybercriminals: i) The sector hosts a large amount of sensitive customer information; ii) The liquidity of its assets and iii) its potential to manipulate or disturb the markets.

The BDO report includes three main tips for banks to face the Christmas season with greater security: Exercise a greater vigilance during the holidays in which they are closed, as cybercriminals take advantage of these dates to go unnoticed for a longer period of time long, they install backdoors, resell information about infractions to other hackers, organize additional attacks and / or transfer stolen funds.

Second, follow the recommendations of international regulatory bodies, as they are requiring financial institutions to be held accountable for cyber-negligence more frequently. The Financial Conduct Authority of the United Kingdom (FCA) issued its first fine for a cyber-fault this year. Among the cases analyzed in the BDO report is the imposition by the FCA of a fine of £ 16.4 million on Tesco Bank in early October 2018, for an infringement in 2016 that took advantage of a cybernetic weakness the one that the regulatory agency had previously warned the bank.

Third, BDO warns that being insured does not mean being covered. Therefore, it is advisable to read the fine print of the cyber insurance policy. In a case detailed in the report, a national bank assumed a greater than expected cyber responsibility, due to the different interpretations of the clauses of the insurance policies.

BDO also points out that the basic behavior of cybersecurity among individuals, companies and organizations shows certain signs of erosion due to the consolidation of personal data among a limited number of large companies, the growing dependence on interconnected devices and the constant bombardment of threats online and data breaches.

The Firm emphasizes that companies that perform a cost-benefit analysis on the adoption of stricter controls on user privacy or other enhanced cybersecurity measures, often choose not to do anything, as long as possible fines or Recovery costs are within a tolerable range.

The report also points to a trend: people renounce to obtain full control of their digital presence, accepting transparency in exchange for comfort. Beyond ethical concerns about privacy, the consequences are that cybercriminals increasingly take advantage of the complacency of employees and organizations to execute seemingly basic attacks with potentially serious outcomes.


Date update on 2018-12-21. Date published on 2018-12-21. Category: hackers Author: Oscar olg Fuente: diariojuridico
hackers