Financial Industry Cybersecurity: Attacks Increased Fivefold in 2018

financial industry and cybersecurity
Financial Industry Cybersecurity: Attacks Increased Fivefold in 2018

According to the Financial Conduct Authority, the UK saw a fivefold increase in data breaches in 2018 compared to the year before. In April 2018, seven retail UK banks, including Royal Bank of Scotland, Santander, Barclays and Tesco Bank had to shut down or limit their systems after hacks that cost them hundreds of thousands of pounds to fix. And while their technical security measures have improved greatly in recent times, there is still much to be done, specially from the human side.

In October, Tesco bank was fined by the FCA £16.4 million as a result of their 2016 cyber attack that saw £2.26 million be stolen from 34 current accounts. The FCA said the fraud netted cyber-attackers £2.26m, exploiting deficiencies in Tesco Bank’s design of its debit card, its financial crime controls and in its financial crime operations team. And although the company stated that perpetrators didn’t steal any of their customer’s private information, they could manage to make 34 transactions in which funds were debited from accounts and other customers, having normal service disrupted.

This case, which occurred in November 2016, highlights the capital importance of properly designed and strong security measures for financial institutions, moreover when most of their daily operations do take place online. Managing Director of tech infrastructure specialists TransWorldCom, Paolo Sartori comments on what is the next step in the ongoing fight to protect our data :

“We have long been told that businesses and individuals alike need to be planning ahead of hacks and the ensuing data breaches, but with hackers becoming more creative it seems our public cyber security needs to be improved. While banks normally have excellent and secure cyber security, it is only as strong as the security measures of individual employees, as malicious emails can penetrate even the most robust protection measures. In terms of ensuring that data is safe and secure for the future, there needs to be a concerted effort to educate individuals against the full scope of data threat.·

tesco bank
Tesco bank was fined by the FCA £16.4 million as a result of their 2016 cyber attack that saw £2.26 million be stolen from 34 current accounts

The risks attached to a security breach in financial services are even more damaging than in any other industry, as it is the user’s money what it is at stake. In addition to causing immediate financial losses, breaches can undermine longer term confidence in new solutions, leading to lower adoption rates—particularly among users with less experience engaging with digital services. And in the digital world we live in, these banks can’t allowed that to happen, and therefore, their effort into training their personnel in cybersecurity must be a priority.

“Personal and professional cyber security go hand-in-hand, a chain is only as strong as its weakest link, and financial workers succumbing to fake emails for example leave us all exposed. It is easy to separate consumer data from corporate or public cyber security but in reality we are all human and education against these kind of attacks is of the utmost importance,” the expert said.

Cybersecurity plays out a big role in banks. Along with the usual hacker menace hanging over these products, there are some very real challenges they face in the shape of regulations and laws, and even lack of training of their staff. In the financial sector, any cybersecurity breach can be catastrophic as what’s at stake is not only a bunch of private data, but the future of the finance industry.