COVID-19 sees financial services hammered by cyber attacks

A new report by security firm McAfee has shown that hackers are exploiting threat opportunities by abusing cloud account credentials, with financial services being the biggest target. 

Joel Camissar, regional director of MVISION Cloud Asia Pacific, McAfee told ifa sister publication Adviser Innovation that the financial services sector saw a 571 per cent increase in cloud threats from January to April 2020.

Most of these external attacks targeted collaboration services like Microsoft 365, and were large-scale attempts to access cloud accounts with stolen credentials

Insider threats remained the same, indicating that working from home has not negatively influenced employee loyalty. 

Access to the cloud by unmanaged, personal devices doubled, also adding another layer of risk for security professionals in financial services.

“At a time when the world is coming together to overcome COVID-19, cyber crime is ramping up for financial services companies with McAfee finding external attacks on cloud services and collaboration tools are seven times higher compared to the start of 2020,” Mr Camissar said.

“Cyber criminals have wasted no time in taking advantage of the surge in cloud adoption to support working from home policies.”

Mr Cammisar said that for many organisations in financial services, work from home policies are here to stay post-pandemic which means it is a crucial time for Australian organisations to be prioritising cloud security. 

After analysing cloud usage data that was collected between January and April from over 30 million enterprise users of its MVISION Cloud security monitoring platform, the company estimates a 50 per cent growth in the adoption of cloud services across all industries. 

For financial services, there has been a rapid adoption and integration of cloud services, particularly cloud-based collaboration tools such Microsoft Office 365, Slack and video conferencing platforms. 

As COVID-19 caused many companies to adopt work from home strategies this led to a huge spike from financial services companies in using enterprise cloud.

At the time surveyed, overall enterprise adoption of cloud services spiked by 50 per cent, a significant increase given the financial services sector typically relies on legacy on-premises applications, networking and security more than others.

Furthermore, the financial services industry increased usage of collaboration services such as Microsoft 365 by 123 per cent, while also seeing an increase in the use of business services such as Salesforce by 61 per cent.

As a result, Mr Camissar said this has led to financial services companies being increasingly vulnerable to cyber cloud attacks.

In order for financial services companies to stay better protected, Mr Camissar recommends focusing on a cloud-centric security policy to meet the increase in cloud use and cloud-related security threats. 

“As remote working becomes the new normal, remote users need to directly and securely connect to the cloud services they need,” Mr Camissar told Adviser Innovation.

“Financial services must rethink how they cater to unmanaged devices connecting to their cloud services and set cloud policies that protect sensitive information from being stored on unmanaged devices.”