Report: Financial institutions face cloud-based threats
Over one year into the pandemic, different financial institutions report costly consequences to falling short of protecting their data storage from cloud-based attacks and network disruptions. The report is based on more than 800 responses from IT professionals working in the financial services industry in North America, Latin America, Europe, and the Asia-Pacific region.
- Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organisations hit hardest at $4.7 million in estimated losses.
- Network outages also result in costly burdens: Institutions lose an estimated $3.2 million on average with Asia-Pacific followed by European institutions carrying the heaviest losses at $4.3 million and $3.1 million respectively.
- The industry remains a popular target for cloud-based attacks: Over half of all organisations (54%) surveyed suffered a data breach in the last 12 months with 49% plagued by a cloud malware attack as well.
- Cloud and network-based attacks will continue to be a major threat vector: More than 50% of respondents expect to face a combination of IoT attacks, cloud vulnerabilities including misconfigurations, and data manipulation attempts over the next 12 months.
- Threat resolution teams are embracing network visibility for security hygiene: Globally, network monitoring (76%), threat intelligence (64%), and threat hunting (57%) are considered the most effective mitigation tactics against these threats.
Even before the pandemic, tech companies were increasingly seeking moves to the cloud. The COVID-19 crisis has accelerated the adoption of cloud computing by the financial sector as part of its process of digitalisation. As companies transition and move data, there can be a lack of protection due to a number of factors such as undertrained staff and insufficient firewalls.
“The financial services sector has long been a target for bad actors who are following the cyber money trail into the cloud,” said Anthony James, VP of Product Marketing at Infoblox. “As the pandemic pushed IT infrastructures to rely on remote work, cloud-based technologies that enabled digital transformation also created soft spots for cyber criminals to exploit.”
“This report shows us that cloud compromise has become the biggest cybersecurity issue for financial institutions and the investments they are making to protect themselves,” James continued.
Legend: John McAfee
John McAfee is credited with starting the entire cybersecurity industry. In 1987, he set up McAfee Associates and released VirusScan. Previous antivirus programs had been released, but McAfee’s was the first with mass appeal and was soon a day zero (or at least day one) installation for Windows users as well as corporate clients.
But McAfee was also a hugely divisive character. He dismissed his own software, claimed he never used it, and rejoiced when Intel bought McAfee and took his name off “the worst software on the planet.” He was anti-tax, pro-drugs, anti-war and pro-free trade. He was also a tireless crusader for cyber awareness, and set up a political party called the Cyber Party in order to make a bid for the office of president of the US.
“I am now everlastingly grateful to Intel for freeing me from this terrible association with the worst software on the planet”
McAfee: born in the UK
McAfee was born in Gloucestershire, UK, but moved to Salem, Virginia, where his American father (his mother was English) shot himself when McAfee was 15. McAfee worked at NASA, Univac, Xerox, Computer Sciences Corporation, Booz Allen Hamilton and Lockheed. It was while working at the latter he was given a copy of Brain, the first computer virus for PC, and began to engineer a defence.
Controversy dogged McAfee. He was implicated as a ‘person of interest’ in the search for a neighbour who had been shot. He married a prostitute. He claimed a cocaine baron was writing his biography. He was arrested for possession of an unlicensed weapon and for manufacturing drugs in Belize (later released without charge). There were various other arrests (mainly weapons related) but not much would stick until McAfee’s anti-tax stance caught up with him.
He fled the US as tax authorities turned up the heat on at least four years of non payment of tax and was arrested (again) in Spain in October 2020 at the behest of the US Department of Justice. Charges for fraudulently promoting cryptocurrencies were soon added and he was formally indicted in March 2021. In June 2021, the Spanish National Court authorised McAfee’s extradition to the US, and McAfee was found dead in his cell just hours later in what is widely believed to be a suicide.
Even in death, McAfee courted controversy, having announced that if he was ever found to have committed suicide, it would mean he had been murdered. A slew of conspiracy theories mushroomed in the hours after his death was announced. It’s just what he would have wanted.