Malware Attacks Targeting Smaller Financial Institutions

Credit unions and community banks must be prepared for the growing number of attacks on small FIs.

By Roy Urrico | July 20, 2016 at 05:54 AM

Credit unions and banks with less than $35 million accounted for 81% of hacking and malware breaches at financial institutions in 2016, a 54% increase over industry incidents in 2015.

New York City-based data breach response insurance firm Beazley in its "Beazley Breach Insights – July 2016" findings noted a sharp increase in hacking and malware attacks on financial institutions in the first six months of 2016, particularly those aimed at small banks and credit unions. The study, based on its response to client data breaches in the first six months of 2016, also found a consistent level of hacks in the healthcare, higher education and retail sectors compared to 2015.

During the first half of 2016, Beazley Breach Response Services unit managed 955 data breaches on behalf of clients, compared to 611 breaches during the same period last year. Financial institutions incurred 139 of these breaches, with breaches sparked by hacking and malware attacks being particularly common at institutions with revenues below $35 million.

Financial institutions reported a sharp increase in hacking and malware as a proportion of total breaches. In 2015, hacking and malware attacks accounted for 27% of the breaches Beazley handled for financial institutions. In the first half of this year, that climbed to 43%.

The report also revealed the proportion of data breaches originating from hacking and malware attacks in 2016's first six months across all industries stood at 31%, close to the 32% observed through midyear in 2015.

Higher education institutions continued to see a high proportion of breaches due to hacking or malware, with these accounting for 46% of industry breaches in the first half of 2015, up from 35% in 2015.

Within healthcare organizations, an industry that shares copious personal information, breaches caused by unintended disclosure represented 42% of all industry incidents in 2016 to date, a considerable rise from 30% in 2015. In the first half of 2016, hacking or malware caused 17% of healthcare breaches, down from 27% in 2015.

The rate of hacking and malware in the retail industry remained high, accounting for 49% of all retail data breaches handled by BBR Services in 2016, compared to 55% in 2015.

Ransomware attacks also continue to increase, with twice as many attacks in the first six months of 2016 (86) than Beazley handled in all of 2015 (43).

"The persistent high levels of hacking and malware attacks are a reminder that all organizations in all industries need to have plans ready to respond when a breach occurs," Katherine Keefe, global head of BBR Services, said. "The large increase we've observed in hacks aimed at financial institutions is noteworthy. Smaller banks and credit unions that typically have fewer defenses against these breaches are becoming bigger targets and need to be prepared."

Keefe recommended that financial institutions bolster their technology defenses as well as the training afforded to employees on cybersecurity and threat awareness. "There is a lot they can do to protect themselves," she said, "but the sobering reality is that not every breach can be prevented and businesses, including financial institutions, should have robust plans for managing breaches should they occur."

Can your cybersecurity strategy handle an attack? Do you have the latest tools and techniques to prevent fraud and data breaches?

Get them at our two-day conference Oct. 11-12 at the Sheraton Dallas Fraud: Don't Let It Happen To Your Credit Union. Plus you'll also learn strategies for responding in the immediate aftermath and best practices for restoring reputation, financial stability and information security.

Save $150 and Register Now!

NOT FOR REPRINT

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).

1 nCino’s Acquisition of Sandbox Banking Enhances Integration for Credit Unions

2 CU Times PRO Turns the Page to New Era of Journalism

3 Career Moves Include New CFO at Soarion CU

4 How Can Credit Unions Get Their Piece of the SBA Lending Pie?

5 CFPB Shuts Down. Credit Unions ‘on High Alert’

Insurance
Complex Claims & Litigation Forum 2025
February 24, 2025 - Las Vegas

This conference aims to help insurers and litigators better manage complex claims and litigation.
More Information
GlobeSt. Multifamily Spring 2025
April 01, 2025 - New York

Join the industry's top owners, investors, developers, brokers & financiers at THE MULTIFAMILY EVENT OF THE YEAR!
More Information
GlobeSt. Net Lease Spring 2025
April 01, 2025 - New York

This conference brings together the industry's most influential & knowledgeable real estate executives from the net lease sector.
More Information