Cyber threat

EfficientIP and IDC Report Reveals: Financial services organisations suffer $1.3M cyber attacks

 

88% of financial services organisations surveyed experienced DNS attacks in the past 12 months.

EfficientIP, leading specialists in DNS security for service continuity, user protection and data confidentiality, revealed the financial services sector is the most targeted industry in its 2019 Global DNS Threat Report with 88% of FS respondents experiencing under-the-radar DNS attacks in the past year.

With 900 respondents from nine countries across North America, Europe and Asia, the report found financial services organisations experienced an average of ten attacks a year, a 37% increase from last year. In addition, 47% of financial services organisations were subject to DNS-based phishing scams.

Last year, a single DNS attack cost each financial services organisation $924,390. This year the research shows that each organisations on average spent $1,304,790 to restore services after each DNS attack, the most out of any sector and an eye-watering increase of 40%.

Rising costs is only one of the consequences DNS attacks caused for the financial services sector. The most common impacts included cloud service downtime, experienced by 45% of financial organisations, and in-house application downtime (68%).

While 65% of financial organisations are either already using or planning to incorporate zero trust architecture, they still appear to be behind the curve when it comes to making use of DNS analytics for enhancing overall network security. Just over 67% perform no DNS traffic analysis for their internal threat intelligence program, and 43% have adopted very little or no automation at all in their network security policy management. This still leaves the financial services sector vulnerable to DNS attacks, which appear to be on the rise. On the positive side, financial services organisations do see real value in using machine learning to bring predictive security into their capabilities. 90% of respondents see this as particularly useful for detecting unknown (“zero-day”) malicious domains.

David Williamson, CEO, EfficientIP, commented: “Financial services organisations have always been the gate-keepers of customers’ money, providing vital services people expect to be able to use all day and night. With so much at stake, the networks of financial services organisations are a predictable, prime target for DNS attacks.

“What is a surprise is these organisations are not amplifying their security measures. They are big targets with costly breaches coming thick and fast.
As our research shows, DNS security is a business imperative for the financial sector if hackers are to be kept at bay and to prevent services from caving in on themselves.”

Posted by Susannah Griffin