Financial Institution Cyberattack Risks Are Growing


November 23, 2021

Is Your Organization Prepared to Meet The Threat?

In the first half of 2021 alone, financial institution cyberattacks increased 1,318% over the year before, according to the latest numbers from Security Magazine.

Why? It’s no mystery. The financial industry has the kind of sensitive, damaging personal transaction data that hackers want. And if you don’t pay the ransom, no matter. They’ll make their money selling off your customer’s routing numbers on the dark web.

Naturally, the criminals are following the money. And bigger cybertheft operations have even started Ransomware as a Service (RaaS) to anyone who wants to mount an attack. Cybercrime has turned into one of the world’s biggest industries, bringing in more money than the GDP of many smaller nations. So it goes without saying, It’s time to take a good look at your financial institution cybersecurity strategies. Is your plan up to the challenges ahead?

Tactics for financial institution cyberattacks keep evolving. But, in general, they’re looking to find the tiniest chink in your security armor. That usually means they’re trying to fool your employees or customers with bad links, or find incursion points where they can load silent but deadly malware into your system. Let’s take a look at some of the most common tactics.

Spear Phishing

Ah, our old friend spear phishing. Welcome to a world where you can’t trust anyone and your employees will be your biggest threat. When a hacker uses spear phishing, s/he sends emails that appear to be from a known, trusted source. These emails request confidential information, such as log in information, passwords, and other sensitive data. Employees, thinking they are providing information to a CEO or CFO, hand over the information without another thought. Who wouldn’t want to help the Big Cheese?  This popular cybersecurity attack is also known as “business email compromise,” or BEC.

ATM Malware

You go up, you insert your card, you tap in a few numbers, and a machine happily spits money into your hand, you take your card and go on with your day. That’s what should happen, in a perfect world.

Hackers, never failing to disappoint, developed ATM specific malware called GreenDispenser. This malware allows the bad actors to withdraw enormous sums of money while flying under the radar of detection. The group Carbanak targeted financial institutions by infiltrating their internal networks and installing malware that drained ATMs of cash.

Reverse ATM attacks are a newer, growing problem. PoS terminals are targeted, with money mules reversing transactions after money is transferred or withdrawn. Financial institution cyberattacks were addressed in October 2015, when ATM and credit cards were required to have a Chip and Pin system or an EMV.

The group Carbanak targeted financial institutions by infiltrating their internal networks and installing malware that drained ATMs of cash.

PoS malware specifically targets terminals to steal customer data during checkout at stores. These attacks are the famous “card skimmer” attacks; bad actors use a memory scraper that detects unencrypted credit card data which is sent back to the hacker. At that point, the hacker will use the information for his own gain or sell the information on the dark web.


Imagine a world where your employees and customers can’t access your network. What would that look like for you? Your customers? Your employees? How much downtime can your financial organization afford?

DDoS is not exclusive to the financial sector, but it’s another disturbing financial institution cyberattack. Distributed Denial of Service occurs when a bad actor overwhelms a network with false traffic and multiple comprised networks.

Sometimes, just disrupting your daily operations is enough; other times, the cybercriminal follows up their action with a payment demand in exchange for freeing your network. Financial institutions rely on their internet service provider to redirect the false traffic and share information about these attacks amongst each other through organizations like FS-ISAC4.

Credential and Identity Theft

Hackers use Trojans like Dridex to infect computers and networks. Like all Trojans, it requires a human interaction to be introduced into the network, mostly by unwary users clicking on them in a phishing email. Once the malware is in the network it quickly gets busy spreading throughout all the computers and the entire network, stealing credentials, account information, and your customers’ money as it goes.

Social Media Attacks

Facebook isn’t always your friend. Hackers can create a financial institution cyberattack by using a fake profile on the social media sites you know and trust. Unsuspecting visitors to that profile or page will give the bad actors all the information they need for social engineering attacks.

Facebook and Twitter are rising to the challenge of these attacks with new regulations like the general Data Protection Regulation. They have tightened privacy and security policies to try to protect their users. Still, you can’t afford to overlook this financial institution cyberattack; the fallout of social media attacks and the related data loss could cripple your business.

Financial Institution Cyberattacks: Are You Prepared?

Things are always changing in the world of financial institution cyberattacks. New trends, such as the rise of virtual money (cryptocurrency) and the attacks that go along with it (cryptojacking) means that you may never be able to keep up. Added to the “bad actors list” is organized crime, such as paid state actors and syndicates.

Even worse, most hackers use more than one method of attack to capitalize on the incident. If your financial organization has been targeted before, you’re not safe; your odds of a repeated financial institution cyberattack increase after the first threat is recognized. Cybercriminals will keep chipping away at your security wall, brick by brick, until they find the weakest block and break through.

Fortunately, you can discourage hackers by making your institution a difficult target. And here at Iconic IT, we specialize in helping financial institutions like yours do just that. If you’d like to take a deeper dive on the subject of IT Cybersecurity, download our free, comprehensive IT Strategies Kit. When you’re ready to look into your security options, let us give your cybersecurity strategy a once-over with a free assessment. You’ll learn where your solutions are rock solid and where you need to shore them up. As a bonus, we will help you make sure you are compliant with the rules and regulations governing your vertical. Contact us today.

We're Integris. We're always working to empower people through technology.

Keep reading

vCIO vs. vCISO: What’s The Difference? 

vCIO vs. vCISO: What’s The Difference? 

Managing your IT operations is a big job, especially if you're a small or mid-sized company without the resources to hire a full internal IT staff. In these cases, most companies hire a managed IT service provider to fill the gaps. Yet, knowing who to hire and what...

Retainers for vCIOs and vCISOs: A Comprehensive Guide

Retainers for vCIOs and vCISOs: A Comprehensive Guide

If you're running an IT department at a small to mid-size company, you know— the demands on your infrastructure are greater than ever. Cyber threats are growing at an alarming pace, primarily fueled by the accessibility of AI to hackers. Cloud productivity, system...