Cybersecurity threats to the financial sector and financial institutions are common, and they’re often a result of compromised credentials, AKA the usernames and passwords of your employees’ accounts. The way in is simple, such as through compromised passwords that are either easy to guess or have been reused by an employee.
Cyber threats to the financial sector are rising, as evidenced by these major attacks on large banks and financial institutions—hackers use familiar tactics like phishing or credential stuffing to exploit sensitive data and siphon information from banks and other financial services. Here are some of the biggest hacks to happen in the financial sector through the use of compromised credentials, and what they can teach you about cybersecurity at your own company.
Financial Hack #1
The Hackers: The BeagleBoyz, a collective of hackers with ties to the North Korean Government
The Hacked: U.S. Banks
The Cost: Attempt to steal an estimated $2 billion
What happened? Since 2015, the BeagleBoyz have attempted to steal money from U.S. Banks ATMs and other institutions. In addition to deploying malware through an email attachment and exploiting server vulnerabilities, the hacker group also used compromised credentials of certain users to infiltrate U.S. Banks servers.
Financial Hack #2
The Hackers: Maze ransomware
The Hacked: Credits cards with data from Puerto Rico’s state-owned bank, Banco BCR
The Cost: 11 million credit cards from 140,000 American accounts
What happened? Through a brute-force attack, Maze hackers were able to access the company’s RDP (Remote Desktop Protocol) and deploy ransomware.
Financial Hack #3
The Hackers: Unknown threat actors
The Hacked: Bank accounts of First Horizon Corporation customers
The Cost: Funds from over 100 accounts totaling over $1 million
What happened? Hackers accessed user accounts using compromised credentials from an unknown but legitimate third party.
Financial Hack #4
The Hackers: Ruyk ransomware
The Hacked: Fintech company Finastra Group Holdings Ltd.
What happened? Credentials for accessing Finastra’s RDP were compromised, resulting in a shutdown of critical systems.
What your institution can do
Cybersecurity threats in the financial sector and hacks of financial institutions are on the rise, especially since the onset of the pandemic and the increased need for RDP. Threat actors are able to gain access to banks and other financial services through tried and true tactics, which means your institution can stay one step ahead. Here are three things you can do right now to avoid a major costly breach in the future:
- Train employees on phishing schemes. Make sure that employees are not unknowingly downloading malware through email links, or giving up sensitive data to threat actors. Run a phishing test at your institution.
- Deploy a password manager. A recycled or easy to guess password is a simple way into your company’s systems. Don’t hand over the keys to hackers without a fight: enable each member of your company to create strong passwords, safely store credentials, and alleviate the need to remember logins with a password manager.
- Don’t let hackers go undetected. One of the reasons BeagleBoyz were so successful in their hack was their ability to gain access, then lay low in anticipation of an attack. Receive instant security alerts from Dashlane if your passwords have been compromised, and create unique passwords to avoid reusing already compromised credentials.