Cyberattacks Have More Than Doubled for Financial Institutions Since 2020

By Ken Lowy, NewtekOne

The financial services sector is experiencing an unprecedented surge in cyberattacks, putting sensitive consumer data at significant risk. Many institutions, relying on outdated security measures, have become prime targets for cybercriminals. Over the past two decades, these attacks have caused losses exceeding $12 billion, and this figure continues to climb. Since 2020, the frequency of these incidents has more than doubled resulting in even greater financial and reputational damage. Understanding the tactics of cybercriminals and learning how to defend against them is crucial for the survival of any financial institution.

Common Cyber Threats and Their Impacts

Financial institutions face three particularly common and significant types of cyberattacks.

Distributed Denial of Services (DDoS)

Distributed Denial of Services (DDoS) attacks flood networks with malicious traffic, disrupting online services. In 2023, 36% of DDoS attacks targeted the financial sector. These attacks not only prevent consumers from accessing online banking services but also serve as a distraction for more severe attacks like ransomware or phishing. This dual-threat scenario leads to severe operational disruptions, loss of credibility, and substantial financial damage. Financial institutions must employ sophisticated traffic analysis tools and robust network defenses to mitigate the impact of DDoS attacks effectively.

Ransomware

Ransomware attacks lock institutions out of their devices or data, demanding ransom for access. These attacks often occur through malicious ads, compromised websites, or email attachments. The consequences include ransom payments and operational disruptions. For example, Blackbaud experienced a ransomware attack in 2020 that cost over $50 million to remediate, including the ransom payment, legal fees, data recovery costs, and credit monitoring services for affected individuals. Ransomware incidents highlight the importance of regular data backups, employee training on recognizing phishing attempts and having a robust incident response plan in place.

Phishing

Phishing attacks trick members or employees into revealing sensitive information through emails, texts, or calls. These attacks exploit human vulnerabilities rather than technical ones. In 2021, ABCO Federal Credit Union faced a phishing scam that compromised internal systems and member data, resulting in costly mitigation efforts. The average financial consequence of a phishing attack is $4.76 million. Institutions must implement comprehensive security awareness training for employees and members to recognize and report phishing attempts promptly.

Immediate and Ongoing Costs of Cyberattacks

Cyberattacks have both short and long-term financial consequences. These costs vary depending on the extent of the damage, type of data compromised, severity of the attack, and the size of the organization. Some of the significant costs include:

• Ransom Payments: The average ransom payout has increased 500% in the last year to a total of $2 million, up from $400,000 in 2023.
• Operational Disruption: Ransomware attacks in 2022 caused an average downtime of 24 days, significantly impacting service delivery and consumer trust.
• Legal Expenses: Costs vary based on notification, regulatory enforcement, and litigation needs. Financial institutions must adhere to stringent reporting requirements, which can incur substantial legal fees.
• Investigation Fees: Identifying breaches and preventing further damage costs about $1.6 million per incident. These investigations are crucial for understanding the scope of the breach and implementing measures to prevent future attacks.
• Remediation Costs: Data breaches cost $140-$160 per compromised record, quickly escalating in large-scale breaches involving thousands of records.
• Reputational Damage: Attacks can lead to decreased market share and stock prices, as consumers lose trust in the institution's ability to safeguard their information.
• Increased Premiums: Cyber insurance premiums may rise post-attack, reflecting the increased risk profile of the affected institution.

Mitigation Strategies

To reduce the risk of cyberattacks, credit unions should implement a combination of proactive and reactive measures. Key strategies include:

• Data Recovery: Implement backup and recovery plans for critical information to prevent data loss due to cyber-attacks or hardware failures. Regularly test these plans to ensure they function correctly in an emergency.
• Security Features: Use two-factor authentication, antivirus protection, log monitoring, application and database isolation, carrier-level DDoS protection, firewall management, SSL services, and frequently update software. These measures create multiple layers of defense, making it harder for cybercriminals to penetrate systems.
• Compliance: Ensure business software meets regulatory or governmental compliance requirements. Staying compliant with regulations such as GDPR, CCPA, and others helps in protecting data and avoiding hefty fines.
• 24/7 Monitoring: Monitor networks and systems around the clock with a dedicated response team. This continuous vigilance helps in early detection and swift response to any suspicious activities.

For organizations unable to manage these measures internally, partnering with specialized cybersecurity service providers is recommended. These services can range from developing a managed solution that pairs with internal IT resources to completely outsourcing the task. External partners bring expertise, advanced tools, and a broader perspective on emerging threats, enhancing the institution's cybersecurity posture.

Ensuring Compliance for Your Organization

As cyber threats become more sophisticated and prevalent, it is essential for financial institutions to implement robust cybersecurity measures to protect themselves from costly attacks. Proactive measures, coupled with effective mitigation strategies, are crucial in safeguarding sensitive data and maintaining the trust of consumers and stakeholders. While regulations aim to enhance cybersecurity measures across the financial sector, understanding how they apply to your specific organizational structure is crucial for ensuring compliance and avoiding potential penalties.

To get started, consider taking the following steps:

• Review Updated Regulations: Thoroughly review any updated cybersecurity regulations to understand the changes and their implications for your institution and any affiliated entities.
• Assess Compliance Obligations: Determine whether your institution and its subsidiaries or affiliates fall under the definition of a "covered entity" as per the revised regulations.
• Implement Appropriate Measures: Take necessary steps to ensure compliance with cybersecurity requirements, including implementing appropriate measures to safeguard sensitive data and protect against cyber threats.
• Seek Expert Guidance: Consult with legal and cybersecurity experts specializing in financial regulations to ensure comprehensive compliance and to mitigate any potential risks.

Take Proactive Measures

As the cybersecurity landscape continues to evolve, it's critical that your financial institution is prepared for possible threats. Given the valuable data and compliance requirements, it's not surprising that credit unions face unique challenges and threats in the cybersecurity space.

A comprehensive cybersecurity strategy not only defends against current threats but also prepares institutions for future challenges. By investing in advanced security technologies, fostering a culture of security awareness, and collaborating with cybersecurity experts, financial institutions can build resilience against cyberattacks and ensure long-term stability and trust.

Connect with NewtekOne to learn more.