FINANCIAL INSTITUTIONS
Financial services is the #3 industry for cyber insurance claims.
3 Types of Cyber Incidents Affecting Financial Institutions
Ransomware
Malicious software that cybercriminals use to threaten to publish or block access to sensitive data. Ransomware encrypts files on a financial services organization's network. From here, a cybercriminal demands a ransom for a decryption key that allows a financial services organization to restore access to its files.
SQL Injection
The use of malicious SQL code to access data in a financial services organization's databases. A cybercriminal can use SQL injection to manipulate or delete a financial services organization's databases.
Phishing
The use of fraudulent emails or texts to trick a financial services employee or customer into providing access to business systems, disclosing sensitive data, or sending money. Cybercriminals use phishing attacks to infect financial services systems with malware. They also perform phishing attacks to claim they are a financial services executive or third-party vendor and request an employee or customer send money to an external bank account.
What Cyber Attack's Look Like for Financial Institutions
Targeted Login Credentials
A Singapore bank was the target of a phishing scam. Cybercriminals sent phishing emails to nearly 800 of the bank's customers and requested their login credentials. Once victims provided these credentials, cybercriminals could access their bank accounts. The bank lost at least $13.7 million due to the phishing scam.
Bank SQL Injection Attack
A New Zealand bank fell victim to an SQL injection attack. During the attack, a threat actor gained access to the bank's databases via a third-party file-sharing service. It was unclear what bank information the threat actor accessed or how many of its customers were impacted.
Customer Data Publicized
Two ransomware groups stole customer data from three small U.S. banks and posted evidence of the theft online. They demanded a ransom in exchange for not releasing the remaining stolen data publicly.
When the worst happens, you'll have the best legal, technical and financial support
Backed by a multi-billion dollar insurance partner, DataStream provides broad coverage for your first-party and third-party losses, including breach, ransomware, cybercrime, cyber terrorism, and risk analysis tools.