People assume that banks are secure by nature and money and account information is kept safe behind vault doors and secure computers. Unfortunately, that is not always the case in the digital world in which we live. Between online banking and the amount of data that banks are now able to store on consumers, it’s no wonder that cybercriminals are targeting financial institutions. Without proper security measures in place and secure data storage, banks will continue to experience data breaches and in turn, other consequences that damage its reputation and ability to serve people.
Threats Facing Banks During the Pandemic
Banks had enough trouble with cyberattacks even before the pandemic as attackers still targeted them because of the amount of personal data they stored and the potential access to large sums of money. The COVID-19 pandemic has led to a “dramatic transfer of wealth between the government and citizens and businesses we’ve ever seen” according to Tom Kellermann of VMWare Carbon Black.
Kellermann also said that since the beginning of the pandemic in February, there has been a 238% increase in the number of attacks on the financial sector. Some of the common cyberthreats facing banks include:
- Credential Stuffing
- Phishing Attacks
- Ransomware
- Cloud Security Issues
Whether a hacker is using stolen account credentials to access customer data or a cloud storage system is vulnerable to unauthorized access, these threats have only grown. Mobile banking has increased due to the shelter-in-place orders nationwide and hackers are using app-based banking trojans and fake banking apps to obtain account data.
Cybercriminals are also using a bank’s own infrastructure to attack customers through online portals. Once a hacker has control of a bank’s systems, incidents of ransomware increase and the amount of money required to have access returned has grown substantially with the largest amount of ransom paid jumping from the hundred thousands to the millions from 2018 to 2019. With more opportunity for mayhem, competition will arise between hackers resulting in more complex hacking methods than ever before.
Storage Issues for More Than Just the Numbers
Banks store a mass amount of data on you including your address, name, income, and social security number. This personally identifiable information (PII) is kept within the bank’s data warehouse or some other type of internal system. In some cases, there is so much data that organizing it all would take more time and manpower than many financial institutions have access to. This spells trouble for banks when they experience a data breach, because they may not even know what data was compromised.
For financial institutions, “Data storage and warehousing are the top problems they are looking to resolve,” John Macaluso, SVP of bank solutions for Fiserv. They don’t just need larger capacity for data storage but must adhere to regulatory and legal storage requirements. One database of banking information is no longer sufficient for financial institutions and employees must have secure and easy access to this information to ensure customer satisfaction and efficient service.
Combatting Data Security Issues in the Financial Sector
There are a few simple measures that financial institutions can implement into their operations to ensure customer data is protected:
- Monitor security and use a threat detection tool
- Create a disaster recovery plan
- Encrypt your data
- Strong user authentication methods
- Restricting employee data access to certain people
The overarching goal of new data storage systems is to protect the information of the banking customers. They need to know their data is kept safe from cyberattacks and trust that the bank is in control of the data without third party interaction.
The SecureDrive products are hardware encrypted storage devices that can easily store data in all large-scale industries such as finance. They meet all the criteria for trustworthy storage systems as they are GDPR compliant and are FIPS 140-2 Level 3 Validated for total security. Data is completely encrypted both during and after transfer and the devices come with built-in antivirus protection to keep corrupted files from being transferred between a computer and a SecureDrive product.
Banks can limit employee access with read-only modes and remote password reset on the BT SecureDrive model. The devices can only be accessed through a complex PIN or secure wireless mobile app which has the option of biometric authentication using the paired mobile device. The SecureDrive products offer a reliable long-term backup solution free from cyber threats and can easily be implemented into existing operations.