The financial services sector has been one of the most highly targeted areas of the economy by cybercriminals throughout the past several years, and analysts have grown increasingly concerned about the biggest banks in the world and their ability to protect data. On the global scale, the rate of data breaches has accelerated dramatically in a relatively short period of time, leading to hundreds of billions of dollars in damages that have in some instances crippled certain nations.
These increases in fraud and crime could not have come at a worse time, as the global economy is still working through the process of regaining its footing from the recession that took place only a few years ago. The worst part, though, might be the fact that the majority of breaches could have been completely avoided had companies had relatively simple protective frameworks in place before the events struck.
No longer are traditional password and credential systems protecting businesses from the threats that abound on the Internet, yet so many are still relying upon these methods to avoid data loss and theft. More advanced and sophisticated attacks demands more advanced and sophisticated security frameworks, and dynamic authentication might represent the best option for most organizations in the modern market.
Who was breached this time?
Two phrases that no one should ever hope or even expect to see in the same sentence are "central bank" and "data breach," yet those were combined in a recent report from SC Magazine. According to the news provider, the European Central Bank has announced that its website was infiltrated by attackers, while it believes it has lost certain email addresses and potentially other pieces of personally identifiable information as a result.
In many ways, the attack could have been far worse than what it was, as the source pointed out that officials believe no sensitive market data was reached by those who perpetuated the attack. As a quick note, though, a minor breach can quickly lead to significant issues in the long run, as the first step toward gaining access to sensitive information is compromising accounts that are used to login to the relevant storage environments.
SC Magazine cited the comments of Keith Bird, a security specialist, who believed that one of the more troubling aspects of this recent breach was the fact that the attack seemingly went on unnoticed by officials.
"This attack highlights how even high profile organizations with robust defenses, can fall victim to enterprising cyber-criminals," Bird told the news provider. "The European Central Bank was clearly unaware it had been infiltrated as it first came aware when the attackers issued a ransom for the data they had obtained. In 2013 we did in-depth security audits at 150 financial organizations worldwide, and found that 88 percent had experienced a data loss incident in 2013, up from 61 percent in 2012. With the pace of attacks increasing it highlights the need for multiple layers of defence, including encryption for all data, to mitigate the risks of intrusion and data theft."
Focus on access management
Data security software and network monitoring tools are necessary to ensure that these types of breaches are either entirely avoided or at least identified before they spiral into more severely damaging consequences. However, regardless of which investments are made in these two directions, a lack of modernized identity and access management will present a major vulnerability in any organization's core systems.
Before an attack hits another bank, decision-makers should seriously consider implementing dynamic authentication tools to breakaway from antiquated credentials and step into the current era of protection.