Top Cybersecurity Threats Facing Community Banks Today


September 24, 2023

Understanding cybersecurity threats is critical for community banks to lower the risk and frequency of cyber incidents and breaches.

First, let’s clarify a few definitions. Verizon makes the following distinction between incidents and breaches in their 2022 Data Breach Investigations Report:

  • An incident is a security event that compromises an information asset’s integrity, confidentiality, or availability. 
  • A breach is an incident that results in the confirmed disclosure—not just potential exposure—of data to an unauthorized party.

In this context, an incident is preferable to a breach because the IT department and your MSP identify “flammable conditions before a blaze.”

We’ll focus on three prominent risks and what you can do to mitigate these time-consuming and costly cybersecurity threats.


The Phishing Cybersecurity Threat

Phishing is a root culprit in cybersecurity threats. According to The Minneapolis Fed:

Email remains the largest channel for cyberattacks, with social engineering strategies such as phishing and business email compromise being the entry point for most attacks. 

In 2021, a survey of Financial Services Information Sharing and Analysis Center (FS-ISAC) members reported that 24 percent of cybersecurity incidents started with an employee being phished. 

Threat actors used compromised accounts to send more convincing social engineering messages to other employees and bank leaders to gain internal network access, steal credentials to banking platforms, and ultimately spread ransomware across critical bank systems.

The broader outlook for 2023 is equally concerning, with Nivedeta James of Get Astra reporting, “Phishing email statistics suggest that nearly 1.2% of all emails are malicious, translating to 3.4 billion emails daily. Extortion of over 33 million records is expected by 2023 with a ransomware or phishing attack every 11 seconds.”

Learn More: 50 Phishing Stats You Should Know


The Ransomware Cybersecurity Threat

A study cited by Egress revealed that “45% of ransomware attacks started with a phishing email.”

There’s an obvious reason for this elevated number, as they explain, “Taking advantage of human error by sending a phishing email is much easier than trying to hack an IT system because it relies less on the criminal’s technical skill and more on successfully tricking an employee into completing an action.”

This low technical barrier to entry and the curious nature of human beings create a perfect storm of glaring vulnerability. 

Phishing statistics from StationX underscore alarming cybersecurity threats:

  • Phishing click rates in the insurance and finance sector are 26.6% compared to 5.6% in education…for a point of reference.
  • 3% of employees will click on malicious links in phishing emails.
  • 55% of phishing attacks use established brand names to build credibility in their messages, so it’s easy to take the bait.
  • As of Q4, 2022, financial institutions accounted for 27.7% of phishing attacks.

And with the advent of generative AI and open source intelligence, threat actors can craft highly targeted, phishing emails, impersonating friends and business associates without glaring grammatical errors and typos that, in the past, made it easier to identify fraudulent messages originating in non-English speaking, rogue nation-states.

Cybersecurity Ventures predicts, “With a 30 percent year-over-year growth in damage costs over a decade, ransomware will cost its victims around $265 billion (USD) annually by 2031, with a new attack (on a consumer or business) every 2 seconds.”

Learn More: The Anatomy of a Ransomware Attack


The DDoS Attack Cybersecurity Threat

Andrew Martin of Insurance Journal notes, “The volume of DDoS or distributed denial of service attacks targeting financial firms increased 22% year-over-year as of November 2022.” 

Threat actors launch DDoS attacks with botnets, a hyper-scalable network of connected devices that direct a crippling volume of Internet traffic to impair or completely disable websites. Banks and financial institutions are persistent targets, with consequences that include:

  • Downtime
  • Operating losses
  • Extortion drama and payouts
  • Disruption from politically motivated “hacktivists” or business competitors
  • Resource-intensive remediation 
  • Public relations backlash; when a popular website crashes, it’s obvious to a wide swath of the population

Like many “Cybercrime-as a Service” offerings, “DDoS attack kits” are inexpensive, easy to purchase online, and available to large affiliate networks that launch digital onslaughts en masse via dark web browsers.

Learn More: What is a DDoS Attack?


Neutralizing Cybersecurity Threats at Community Banks

To neutralize cybersecurity threats, Integris recommends the following general best practices for community banks:

  • Adopt Multi-Factor Authentication.
  • Administer ongoing cybersecurity awareness training.
  • Conduct follow-up ethical phishing tests to assess employee aptitude and compliance, and repeat as necessary.
  • Require everyone to use a password manager with unique passwords for each account.
  • Maintain and enforce dynamic patch management policies, software, application, and device updates. 
  • Encrypt your data, back it up in geographically diverse data centers, and regularly test the backups.
  • Every community bank can benefit from an objective third-party review, especially if you haven’t had an IT Operations Assessment in over a year.

A qualified MSP can assess the effectiveness of your risk management program, implement the latest CISA Shields Up requirements, create a DDoS incident response playbook, evaluate third-party vendor contracts, security controls, and more.

Please schedule a free consultation to stay one step ahead of the latest cybersecurity threats.

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

vCIO vs. vCISO: What’s The Difference? 

vCIO vs. vCISO: What’s The Difference? 

Managing your IT operations is a big job, especially if you're a small or mid-sized company without the resources to hire a full internal IT staff. In these cases, most companies hire a managed IT service provider to fill the gaps. Yet, knowing who to hire and what...

Retainers for vCIOs and vCISOs: A Comprehensive Guide

Retainers for vCIOs and vCISOs: A Comprehensive Guide

If you're running an IT department at a small to mid-size company, you know— the demands on your infrastructure are greater than ever. Cyber threats are growing at an alarming pace, primarily fueled by the accessibility of AI to hackers. Cloud productivity, system...