October is National cybersecurity awareness month and what better way to celebrate that than by taking a look at how organizations have done so far this year. According to Verizon’s Data Breach Investigation report this year alone there were a confirmed 2,216 data breaches. The reason given for these attacks we’re predominantly financial. In fact, according to the report, 76% of breaches were financially motivated.
So who are these fraudsters and where do they come from? According to the report, 73% of cyber attacks were perpetrated by those outside the organization. However, it is important to note that not all the criminals sit outside the organization in fact, 28% of the data breaches involved personnel within the organization. This fact, as the report points out, is particularly hard to guard against as it is hard to spot the signs of someone using their legitimate access to data for nefarious purposes. Organizations also want to keep in mind though that people do make mistakes and that not all of the insider breaches are with malicious intent as a matter of fact according to the report errors were at the heart of almost one-in-five(17%) of those breaches. The report also points out that about 4% of people within an organization would click on any given fishing campaign.
Interestingly though when taking a look at just the financial industry according to the report, there were 146 data breaches with 598 security-related incidences. When looking further into the industry, it was found that 79% of those breaches are caused by external individuals and 19% of those by internal individuals. Also, it was found that 34% or caused by hacking and 34% by a physical method.
In addition, according to the report, these cyber criminals do appear to have a favorite point of entry, web applications. This is interesting considering the fact that when looking at mobile banking usage among age brackets according to a recent Mercator Advisory Group survey mobile banking activity among the age group of 18 to 34 is at 90% with the majority of those users preferring to use a mobile banking app as their preferred method for mobile banking transactions. This should bring some alarm bells for financial institutions as this could be an early indicator that a more significant focus should be placed on securing their web applications as more individuals will be utilizing the web application as a primary mobile banking vehicle.