Guide Managed Security

Top 10 cybersecurity risks and threats for the banking sector in 2024 

Top 10 cybersecurity risks and threats for the banking sector in 2024 

The banking sector is at the dawn of the digital transformation. Technology offered immense potential but at the price of being constantly on the radar of cyber criminals targeting their information assets that may contain the most sensitive data.   

To meet the growing competition by creating new experiences for customers, banks and financial institutions have started integrating AI/ML and are offering new services that are entirely digital.  Today, banks can offer click-of-a-button services meant for smooth, quick, and unique experiences to their customers.  

However, to make this possible, they are liable to ensure the smooth functioning of the digital platforms that process, store, and manage customer data.   Due to this, banks are under high pressure to maintain security for all the information assets of their customer-specific financial data and personal information.  

They are also liable to adhere to compliances they are subjected to by local and global regulatory compliance bodies.   

What makes the banking sector vulnerable to cyber-attacks? 

There are multiple reasons why banks will be more vulnerable to cyberattacks unless they identify potential risks and take measures for

1. Mobile banking  

According to a 2022 survey, 78% of Americans used mobile banking for all banking-related activities like transferring money, investing, etc. Cybercriminals leverage this fact to exploit the security weaknesses in mobile banking applications, lure users into transactions using fake applications that resemble original banking apps and copy user inputs like credentials using keyloggers.   

2. API and third-party integration 

If APIs are not assessed regularly for their security posture, they can become vulnerable to cyber-attacks. API attacks have grown over the years due to the increased number of businesses that render digital experiences through applications. In Q2 of 2023, API attacks on banks through web applications grew by 65%. 

3. Cloud-specific vulnerabilities 

Banks have become dependent on cloud services to render their services and operate better. However, this has made them more vulnerable to cybercriminals who exploit the security vulnerabilities left unaddressed in cloud platforms used by the banks.  Once cybercriminals exploit the misconfigurations in cloud platforms, they can engage in data theft/alteration, change access permissions, cause operational disruptions, and inflict considerable damage to the bank.  

4. Unencrypted data 

A lot of data on banking platforms remains unassessed for unencrypted data and cyber attackers can easily access this data. Cybercriminals may go one step further to engage in ransomware attacks by encrypting all data or simply stealing all data through a breach. They may even sell the stolen data on the dark web for a price.   

Banking is one of the sectors that are witnessing an upward trend when it comes to fraud, credential theft, and phishing. There is a significant rise in ransomware attacks in the financial services sector nearly doubling from 34% in 2021 to a whopping 64% in 2023.  Some of the eye-opening cyber-attacks in the banking sector in 2023  

Some of the eye-opening cyber-attacks in the banking sector in 2023

This year, we have witnessed some of the biggest cyber-attacks in the banking sector. There were more than 1829 cyber-attacks, with the average cost of a data breach being $4.45m. 

Some of them include:  

  • Latitude Financial – 14 million records compromised in March 2023  
  • ICBC Bank ransomware attack that massively disrupted operations over 60 credit unions in the US experienced outages due to ransomware attack   
  • NCB management breach where the cybercriminal stole up to 1 million financial records from banks such as Bank of America.   

As we move towards 2024, we explore the potential cyber risks and threats the banking sector may face in the coming year.

Cyber threats for the banking sector in 2024 

The following are some of the cyber threats that will be faced by the banking sector in 2024: 

5. Malware and Ransomware attacks

The recent ransomware attack on one of China’s largest banks ICBC was an alarm for many banks. The said bank had to pay the ransom (probably in billions) to the suspected Lockbit ransomware group which operates ransomware as a service through Lockbit software.  

The coming year will see increased sophistication and frequency in ransomware attacks on banks causing far more damage to the data assets and infrastructure of banks with massive disruption to their operations. Additionally, banks are at increased risk of paying ransom which is usually in millions or even billions of dollars or paying fines as a result of non-compliance to the regulatory bodies. 

6. AI-based threats

The increased use of AI in rendering banking services, like the use of AI-based chatbots to create new customer experiences, has exposed banks to a new range of cyber threats. In response to this, cybercriminals are leveraging artificial intelligence to orchestrate attacks on banks based on theft, reverse engineering, and manipulation of machine learning models. They may also engage in data poisoning attacks that are based on manipulating the data that is fed to machine learning models such that they produce incorrect results or cause misbehavior.  There will be more attacks in 2024 on banks based on artificial intelligence-based tools that are highly persistent and difficult to detect by standalone measures of security.   

7. Social engineering attacks

Since the introduction of AI-based chatbots, even non-native English-speaking cyber attackers have used these chatbots to create social engineering-based phishing emails and make them more legitimate and believable. Cybercriminals target users on social media platforms like WhatsApp and Telegram and engage in social engineering techniques to lure them into installing malicious applications that are meant to steal their data or inject malware into their systems. They might also lead them to a fake banking website asking them to engage in a banking transaction. The next year will see an increase in social engineering attacks on banks. As per a research report, banking frauds based on mobile applications rose from 47% in 2022 to 61% in 2023 

8. Advanced Persistent Threats (APT)

As banking institutions move towards more digital avenues to stem their growth, cyber attackers put more time into studying their targets, making these modern threats highly challenging to detect. Since the banking sector forms a part of the critical infrastructure, state-sponsored threat actors continue to make their moves against the banking sector to cause undetected prolonged persistence in networks with their attack campaigns.  

Therefore, in 2024, it should become a top priority for banks to secure all their sensitive intangible digital assets and enhance the security of their transactions. Attackers may use Living-off-the-land (LotL) attacks, using legitimate tools and features preexisting in their target infrastructure to camouflage themselves into their network. LOtL attacks are one of the top concerns for banks in 2023 since they are the toughest to detect.

9. Insider Threats

What makes insider threats the most dangerous is that employees already have access privileges and can leverage existing permissions to orchestrate attacks without getting detected. As per Searchlight Cyber research, one of the most popular posts on forums on the dark web was initial access broker posts where they would provide info on exploitable vulnerabilities to gain access. It contained posts on infiltration methods like SQL injection and remote code execution.  

In many cases, experts have found that a cybercriminal would even recruit a bank employee to give out important intel on their bank’s security setup.  In 2024, banks must be able to predict the tactics deployed by adversaries since they will face a higher risk of insider threats.

10. Third-party vendor breach 

Since banks depend on third-party vendors to render their services digitally, any cyber-attack on third-party vendors could have a major impact on the operations and reputation of the bank. The Northfield Bank vendor data breach in 2023 was a wake-up call for all the banks that rely heavily on vendors that haven’t yet prioritized third-party vendor risk management.  The breach was caused by the exploitation of security vulnerabilities in the popular file transfer application MOVEit.  

Since NorthfieldBank rendered customer data to its vendor, it claimed unauthorized access to its customer data, including their personal information like their social security numbers, bank account numbers, and addresses. 2024 would mean for banks to periodically keep their vendors’ posture on track and sign agreements on following the latest industry best practices to avoid getting exposed to cyber-attacks.

Check out the Cybersecurity Prediction: Top 10 Cybersecurity Trends in 2024

Read More

Endpoint Security