Proactive IT Security
 

Financial institutions more exposed to hacker attacks and fraud attempts

16 August 2006

Almost half of the 150 leading financial institutions in the survey experienced at least one internal breach. Phishing and pharming accounted for more than half of the external attacks (51%), followed by spyware or malware utilization (48%).

The attacks are highly sophisticated and targeted, and they require significant resources and coordination. This fits with the fact that professional hackers and organized crime have entered a domain once ruled by script kiddies playing games in the basement. It marks a shift in trends that leaves organisations more vulnerable and exposed to increased risks and potential losses. Financial organisations should take these factors into account when creating and implementing security strategies.

George Stathos at Deloitte, who conducted the survey, says that identity theft (phishing), account fraud, and access management made their way into the top five security initiatives for 2006.

As a consequence of this increase in attacks, organisations and institutions should pay more attention to security and seek to implement more holistic security strategies. Strangely, however, security awareness and training dropped off the top five initiatives this year. While 96% of respondents were concerned about employee misconduct involving IT systems, only 34% had provided their staff with some form of information security and privacy training during the last 12 months. Effective security training methods such as orientation training and recognition of bad behaviour ranked very low.

Financial institutions and organisations in the hackers' target zone should undoubtedly take some preventive steps in order to avoid being attacked. One important step is to make sure they have the necessary security solutions and products. Norman offers a variety of solutions that protect against the above-mentioned threats. You can read more about them here.