With reported cyber-attacks against the financial sector rising by 480%* in 2018 and with the proliferation of automated hacking tools, the risks have never been greater. We take a look at some of the most infamous cyber-attacks against the sector.
What happened: In September 2017, Equifax revealed that it had suffered one of the biggest data breaches in history. Hackers managed to infiltrate Equifax systems via an unpatched security vulnerability. The company had been alerted to the vulnerability in March 2017, but it remained unpatched. As a result, the hackers had months-long illegitimate access to its credit-report databases leading to the theft of 143 million personally identifiable pieces of information, nearly all details belonged to U.S. based users. The total number grew through March 2018 to over 148 million.
Financial cost: The cost of the breach was around $439 million, however, $125 million was covered by an insurance policy. According to the Ponemon Institute, the overall cost of the breach could be more than $600 million. (update- as of May 2019 Equifax in its latest Security and Exchange Commission filing the company is estimating it has spent about US$1.4 billion (£1.1 billion) recovering.)
What happened: Hackers took advantage of a weakness in Bangladesh’s Central Bank security by introducing malware via the SWIFT system to steal hundreds of millions of dollars. Using SWIFT credentials, hackers duped bank employees into sending fraudulent money transfers upon request to the Federal Reserve Bank of New York. They then transferred funds from the account the Bangladesh Bank held there to accounts in Sri Lanka and the Philippines.
Financial cost: $81 million was successfully stolen making it one of the biggest bank robberies in history.
What happened: In February 2018, the Russian Central Bank (RCB) revealed that one of the nation’s leading banks had been hacked via the SWIFT system resulting in the theft of $6 million. The report showed that a string of Russian banks had been targeted in the preceding months.
Financial cost: $6million was stolen, however, the true cost of the hacker campaign against Russian banks has not been disclosed by the RCB.
What happened: In October 2017, the Taiwanese Far Eastern International Bank was breached after hackers managed to install malware onto its systems and gain access to its SWIFT terminal. $60 million was stolen as a result, however, much of the money was recovered and two people were arrested for their connection to the heist.
Financial cost: All but $500,000 of the $60 million stolen was recovered.
What happened: Several large-scale cyber-attacks against banks across the globe occurred via the SWIFT system. The Bangladesh Central Bank theft was just one of many instances. The attacks involved hackers from the group APT 38 who managed to install malware onto the target banks systems that was designed to both issue unauthorised SWIFT messages and cover up the fact that they’d been sent. Once the SWIFT messages were sent, they were deleted along with the database detailing the transfers.
Financial cost: The true cost of the SWIFT attacks is unknown as attacks continue to be reported by banks worldwide but it is likely to be well into the hundreds of millions of dollars.
What happened: In September 2012, the websites of the USA’s biggest banks were hit by DDoS attacks, severely disrupting customer services. The scale of the DDoS attack was regarded as one of the biggest of its kind in history (albeit this attack has since been surpassed). The Middle Eastern group Izz ad-Din al-Qassam Cyber Fighters publicly claimed responsibility but some cybersecurity experts doubted this was the case. Instead, Iran was suspected as the culprit by the authorities.
Financial cost: Aside from the disruption to services, the banks also suffered some reputational damage.
What happened: In February 2019, the Bank of Valletta was hit by a cyber-attack that resulted in the bank temporarily suspending all of its services including ATMs and even its website twice in the space of two weeks. The hackers dubbed EmpireMonkey by investigators said that they had infiltrated the bank's systems via a phishing campaign. The hackers attempted to steal $14 million.
Financial cost: $14 million was stolen during the attack, however, the fraudulent transactions were traced and reversed. The cost as a result of the disruption is not known publicly.
What happened: In 2016, hackers managed to steal over £2 million from the accounts of 9,000 of the bank’s customers. The identity of the attackers remains unknown. The Financial Conduct Authority blamed the bank for a series of poor security choices and processes that allowed the attack to continue for 48 hours before it was stopped. A series of blunders were recorded resulting in the FCA fining the bank.
Financial cost: As well as the money stolen, the FCA fined Tesco Bank a record £16.4 million.
What happened: JP Morgan Chase revealed in September 2014 that it had been breached in July but had been unable to halt the attack until August. Hackers had managed to compromise data associated with up to 83 million accounts including 76 million households and 7 million small businesses. The hackers used a variety of methods to breach the bank’s systems including brute force attacks and the Heartbleed vulnerability exposed in the previous year.
Financial cost: The main costs of the attack came in the form of the resources used to try and stem it and the impacts on the bank’s reputation. The incident made headlines across the world.
What happened: In October 2015, Experian announced that the details of 15 million of its customer's details had been compromised. The data included; names, dates of birth, social security numbers and additional information used in one of its customers, (T-Mobile) credit assessment process. The attack went undiscovered for two years. The 2015 breach was not the first against Experian who in 2014 suffered a breach that exposed the social security numbers of 200 million Americans.
Financial cost: The hack cost Experian more than $20 million as it was taken to court several times in class action lawsuits. The companies pre-tax profits declined 14% from $534 million to $458 million and 2015’s revenue was reported to have fallen 6%.
Financial institutes can take control of their cybersecurity by using the award-winning CyberScore™. CyberScore™ is an automated testing service that allows you to take control of your cybersecurity by detecting vulnerabilities and providing you with empirical evidence and Get-Well plans. The score itself also allows you to clearly demonstrate to the board simply where your organisation currently stands in terms of its cyber risk rating and security posture.
XQ Cyber also offers a range of incident response and consultancy services such as Penetration Testing, Cyber Posture Assessments and Incident Response preparedness and testing.
* FCA data, year-end December 31 2018