June 25, 2015 By Douglas Bonderud 2 min read

It should come as no surprise that criminals looking to steal money often target banking and other financial industries. And while the number of brick-and-mortar bank robberies is in steep decline, cyberattacks are on the rise as criminals look for new ways to access user login credentials and grab as much cash as possible. According to CSO, reporting on a new Websense Security Labs study titled “2015 Industry Drill-Down Report,” the number of malware threats plaguing banks isn’t just high, it’s four times greater than any other industry. Bottom line? There’s not nearly as much money in the vault, but digital currency carries the same value; the form may have changed, but the function remains the same, and malicious actors are looking to break down the wall.

Show Me the Money

Websense noted that career criminal Willie Sutton supposedly told reporters he robbed banks “because that’s where the money is.” It doesn’t get any simpler than this thought, and it is often the driving force behind malware attacks on financial industries. Banks, for example, still handle massive volumes of digital money that offer a tempting target for criminals looking to redistribute this wealth.

Along with simple cash grabs, however, the Websense study also found that 33 percent of all initial reconnaissance malware attacks were carried out on banks, and a growing number of threats focused on bank employee impersonation. By compromising a legitimate bank email address, attackers are often able to convince clients that they’re sending urgent, actionable information that in turn prompts them to provide personal details or download malicious software. What’s more, these email addresses often foil antivirus and malware scanners that are looking for typos and other markers of spoofed email addresses.

Full-on malware attacks, probe efforts and email theft conspire to create a new normal for banks, one where IT personnel are constantly bombarded by low-level attacks designed to keep them busy, wear down their defenses and catch them unaware when a full-scale campaign rolls out. In other words, they’re never bored.

Beyond Big Bucks

Money is just the beginning. Cybercriminals are also hoping to use the larger attack surface created when banks pour resources into online, mobile and other self-service options. This bigger area provides ample opportunity to grab user authentication data, which is then leveraged to crack online retail and credit card accounts or impersonate users on government websites. This is often more successful than it should be, in large measure because customers prefer to use similar username and password combinations for multiple sites. In many cases, their banking information serves as a nexus for all other accounts.

Industries Answer the Challenge

For banks and other companies tied to financial industries, the Websense report points to a consistent pattern rather than an emerging trend. Simply put, banks will always outdistance other organizations when it comes to malware attacks since the value of even a single successful breach is staggering. Consider, for example, that one of the first bank-focused malware products, ZeuS, was responsible for more than $100 million in stolen funds, and newer malware tools are constantly being reinvented, repackaged and then reappearing on banking networks across the globe.

Ultimately, banks have a choice: ignore the obvious and hope that new technologies will account for the persistence of malicious actors, or spend on security efforts designed to take a proactive rather than reactive role in the defense of customer-facing financial systems.

More from

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today