Key insights
- Cybercriminals are looking to exploit the uncertainty surrounding the bank industry failures and strains. Be alert for increased cybersecurity risks.
- The cyber risks of tomorrow will not be limited to high-profile bank closures. Cyber threats will continue to test the mettle of organizations across all industries.
- Organizations need constant vigilance from management, layered security controls, informed customers, and savvy employees to help protect assets and preserve the organization's reputation.
Help protect your organization from cybersecurity risks
In light of the failures and strains in the bank industry, organizations should be alert for cybercriminals looking to exploit this uncertainty to commit criminal activities.
Watch for social engineering and phishing attacks
An organization’s most valuable assets are at risk: data and reputation. The criminals want the data and will try to damage reputations to get it.
The most successful method of attack continues to be social engineering. Phishing attacks often provoke emotional responses, which may cause the target to not think critically.
Uncertainty around financial markets could lead reasonable individuals to click a link in an email that says their bank is closing or their account has a zero balance. These links could lead to a spoofed website where they may be asked to enter usernames, passwords, or to download a malicious file. These files may contain malware that could setup a backdoor from the target’s computer where the cybercriminal could run commands remotely.
Be on the lookout for suspicious phone calls
These criminals also may call a financial institution pretending to be a representative from a government regulator requesting sensitive or private information or try to get the target to break other security protocols. In this attempt, the attacker could then use this information, or unauthorized access, to perpetrate a deeper attack.
Cybercriminals also may email or call a customer pretending to be a representative from the financial institution informing them of a branch shutdown and demanding sensitive or private information.
In times of high stress, cybercriminals will leverage news platforms, social media applications, email, and business websites to identify targets and develop new and uncommon attack methods.
Take steps to help protect your organization from cyber threats
To counter the risks of social engineering, consider these steps:
- Actively train employees and customers to identify email phishing, fictitious phone calls, and malicious websites.
- Continue to strengthen technical controls, including preventing malicious emails from reaching an employee’s inbox, blocking newly registered domains, removing malicious file types like executables (.exe), and inserting banners that warn to be cautious of emails from senders outside the organization.
- Have the information technology department adopt hardening standards on networks, business applications, servers, and end points and remediate vulnerabilities with regular scanning and patching.
- Cultivate a proactive cybersecurity culture by leveraging intelligence platforms, regulatory guidance, and peer networks to maintain a mature, informed, and prepared security posture.
Remember, the cybersecurity risks of tomorrow will not be limited to high-profile bank closures. Cyber threats will continue to test the mettle of organizations across all industries. You’ll need constant vigilance from management, layered security controls, informed customers, and savvy employees to help protect assets and preserve the organization's reputation.
How we can help
Protecting your critical assets from cybersecurity threats is not getting easier. CLA has experienced industry specialized teams, supporting various organizations not only to evaluate controls but also assist with handling cyber incident responses and important technical infrastructure to protect the perimeters of the organization. Learn more about CLA’s cybersecurity services.