Once again, financial institutions are in the news; this time as the target of a cybercriminal ring. Given the bulk of cybercrime (75 percent) is financially-motivated, it’s no wonder this sector of the global economy is back making headlines.
However, this time, it’s a bit of good news to see a gang of cybercriminals busted for stealing $45 million over the course of a few hours. Referred to as a “massive 21st-century bank heist”, the fraudsters worked quickly to loot financial institutions around the globe, according to news reports. Eight people are under arrest in the U.S. in connection with thousands of thefts from ATMs using bogus magnetic swipe cards.
Did you know that cyberattacks against financial institutions represent 37 percent of all breaches examined in the Verizon 2013 Data Breach Investigations Report?
According to this year’s findings, there are three common scenarios targeting financial services firms. In order of commonality, these include:
- Planting skimming devices on ATMs to steal magnetic stripe data from payment cards (61% of breaches)
- Stealing user credentials (user name/passwords) and using them to gain unauthorized access to accounts over the web (16% of breaches)
- Employees abusing their access to systems to steal information to sell to fraudsters (15% of breaches)
The most common information stolen includes payment (debit) card info; bank account info and personal consumer information, such as name, address, and social security number.
These attacks are primarily carried out by professional criminal groups, who are expert at stealing data from banks, credit card processors and the like.
"Breaches can happen at any time,” said Scott Eason, global vice president of sales for Verizon Enterprise Solutions’ finance, insurance, retail and hospitality industries. “No one knows better than financial institutions that the best defense is a strong offense. With the proper safeguards in place, many breaches can be stopped before any damage is done."
For more information on this year’s data breach findings, please visit http://www.verizonenterprise.com/DBIR/2013/. Verizon offers security services to enterprises in more than 50 countries to help safeguard their data and prevent cybercrime from occurring.