Attacks on Financial Apps Jump 38% in First Half of 2021
Reports also show a ballooning of phishing and ransomware attacks in the first six months of the year.
Cyber criminals’ appetite for personal data remains high, with 74% of all data stolen in the last few years being the kind that can be used to identify, contact or locate specific individuals. And to score these hot digital commodities, thieves are increasingly flocking to web applications used by financial institutions’ customers/members, employees and partners to conduct online transactions.
That’s according to new research from Imperva Research Labs, a San Mateo, Calif.-based data security firm, which revealed last week that in the first half of 2021 versus the first half of 2020, the number of web application incidents in the financial services industry jumped 38%, from 11.7 million to 16.1 million.
What’s more, Imperva reported that more than 870 million sensitive data records were compromised in January 2021 alone – more than the total number of compromised records in all of 2017.
“The widespread theft of personal data is a strong indication that many organizations are not putting enough protection into place to secure it,” according to Terry Ray, SVP and fellow for Imperva. “In many instances, personal data theft from financial institutions is made easier because it is regularly shared between systems, people and suppliers to complete transactions. As regulations governing data privacy become more stringent, it will be critical for every organization to have the capacity to discover, identify and classify personal data across their data estate. Only when an organization knows where personal data is hosted and what applications and users are accessing it, will it be able to extend the security controls that protect it.”
Cyber criminals have also been focusing their energy on distributed denial of service (DDoS) attacks. According to Imperva, Layer 7 DDoS attacks, which target the application layer of the Open Systems Interconnection (OSI) model – the layer that sits closest to the end user – are becoming more powerful, with the number of requests per second (RPS) in Layer 7 DDoS attacks against financial services firms tripling since April 2021. In a DDoS attack, instigators aim to overwhelm server resources by flooding the server with so much traffic, in the form of requests to connect, that it is no longer capable of responding; the higher the RPS number, the more intense the attack.
Imperva also noted the prevalence of client-side attacks, which involve tricking website users into downloading malicious content, enabling the bad actor to exploit the website by intercepting user sessions, inserting hostile content or conducting phishing attacks, for example. Client-side attacks on financial services firms focus on skimming payment information by exploiting third-party scripts used by thousands of websites across many industries, the company said. “Financial websites are relying more on third-party scripts to provide better services for their customers, but due to the high volume of digital transactions processing financial assets and other sensitive data, they are a rich target for client-side attacks,” Ray stated. “Once credit card details are stolen, the data may be used immediately by cybercriminals to acquire goods or sold to other criminals for later exploitation.”
Successfully carrying out a phishing attack has been a particularly popular goal for criminals working the client side, with a separate report from Phishlabs stating that phishing attacks increased by 22% during the first six months of 2021 compared to the same time period last year. However, the Charleston, S.C.-based digital risk protection services provider’s Quarterly Threat Trends and Intelligence Report also found that phishing activity dipped significantly in June for the first time in six months, following a high-volume May.
Imperva also listed ransomware attacks as one of the top five security threats in financial services, and a recent report from Atlas VPN further demonstrated the severity of the threat. The New York, N.Y.-based VPN service provider found that ransomware attacks were up 151% during the first half of 2021 compared to the first half of 2020, with the United States facing more ransomware threats than any other country.
The first half of this year, according to Atlas VPN, saw 304.7 million attempted ransomware attacks, already making this year the worst ever recorded for ransomware. “Ransomware attacks are a severe problem that terrorizes many organizations or government agencies, causing national danger,” William Sword, cybersecurity writer and researcher for Atlas VPN, stated. “As many people neglect basic cybersecurity rules, they become easy targets for cybercriminals. Improving people’s cybersecurity awareness and preparedness is a must if companies want to reduce ransomware attacks.”