What Were the Most Common Cyberattack Patterns in the Financial and Insurance Industry in 2023?
In support of Cybersecurity Awareness Month in the United States, we are reviewing the incidents reported across industries. This article focuses on the finance and insurance sector.
Despite the abundance of standards and regulations that apply to the finance and insurance industry, threat actors continue to target this group at an alarming rate. In fact, finance and insurance was ranked as the most attacked sector for four consecutive years between 2016 and 2020 according to the IBM X-Force Threat Intelligence Index.
So why do threat actors keep going after this sector despite regulatory and compliance obligations that impose minimum control hurdles and make it harder to compromise? The answer is simple: the sheer volume of sensitive data.
In fact, the Verizon 2023 Data Breach Investigations Report (Verizon DBIR) found that 97% of reported incidents were financially motivated, and 74% pursued personal data – a motivation and a target that go hand-in-hand in the cybersecurity world.
And while some may think this sector enjoys extra protection thanks to its many regulations and standards, those additional layers of protection exist precisely because the sector is so frequently and successfully attacked.
So, what were the most common cybersecurity attack methods in the financial and insurance sector in 2023?
According to the Verizon 2023 DBIR, 77% of all reported incidents in the financial and insurance sector fell into three patterns: basic web application attacks, miscellaneous errors and system intrusion.
Basic web application attacks are exactly what they sound like: low-complexity attack methods, including brute force attacks. In a brute force attack, threat actors use automation to gain unauthorized access by guessing usernames and passwords. Companies can reduce their risk by limiting the number of login attempts from individual IP addresses or by automatically locking accounts after too many failed logins. Additionally, increasing the strength and complexity of passwords decreases the likelihood of success for threat actors using brute force or other password cracking techniques.
Also, companies should keep track of when their data has been part of previous breaches and rotate the affected credentials, since many threat actors simply source credentials from previous breaches and reuse them against new targets.
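The two controls named above, per-IP attempt throttling and automatic account lockout after repeated failures, can be implemented with a small in-memory policy like the one below. This is an added example, not code from the article or from Schneider Downs; the thresholds, the `LoginGuard` class and the constructed login events (RFC 5737 documentation addresses) are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

# Policy values are assumptions for the example; tune them to your own risk appetite.
IP_MAX_FAILURES = 5          # failed attempts tolerated per source IP within the window
IP_WINDOW_SECONDS = 60       # sliding window for the per-IP counter
ACCOUNT_LOCK_AFTER = 3       # consecutive failures before an account is locked
ACCOUNT_LOCK_SECONDS = 900   # how long a locked account stays locked


class LoginGuard:
    """Tracks failed logins per source IP and per account (single process, in memory)."""

    def __init__(self):
        self.ip_failures = defaultdict(deque)   # ip -> timestamps of recent failures
        self.account_failures = defaultdict(int)  # username -> consecutive failures
        self.locked_until = {}                  # username -> time the lock expires

    def check(self, ip, username, now):
        """Return None if the attempt may proceed, otherwise the reason it is refused."""
        window = self.ip_failures[ip]
        while window and now - window[0] > IP_WINDOW_SECONDS:  # drop stale failures
            window.popleft()
        if len(window) >= IP_MAX_FAILURES:
            return "ip-throttled"
        if self.locked_until.get(username, 0) > now:
            return "account-locked"
        return None

    def record(self, ip, username, success, now):
        """Update counters after the credential check; lock the account on repeated failure."""
        if success:
            self.account_failures[username] = 0
            return
        self.ip_failures[ip].append(now)
        self.account_failures[username] += 1
        if self.account_failures[username] >= ACCOUNT_LOCK_AFTER:
            self.locked_until[username] = now + ACCOUNT_LOCK_SECONDS
            self.account_failures[username] = 0


def replay(events):
    """Feed constructed (ip, username, password_ok, timestamp) events through the guard."""
    guard, outcomes = LoginGuard(), []
    for ip, user, ok, t in events:
        reason = guard.check(ip, user, t)
        if reason is None:
            guard.record(ip, user, ok, t)
            reason = "success" if ok else "failed"
        outcomes.append(reason)
    return outcomes


# Constructed sample: one source hammers two accounts, then legitimate users log in.
SAMPLE_EVENTS = [
    ("203.0.113.7", "alice", False, 0), ("203.0.113.7", "alice", False, 1),
    ("203.0.113.7", "alice", False, 2), ("203.0.113.7", "alice", False, 3),
    ("203.0.113.7", "bob", False, 4), ("203.0.113.7", "bob", False, 5),
    ("203.0.113.7", "carol", False, 6), ("198.51.100.4", "alice", True, 10),
    ("198.51.100.9", "bob", True, 20), ("198.51.100.4", "alice", True, 1000),
]
```

Note that the eighth event shows the trade-off of account lockout: the legitimate owner of `alice` is refused while the lock is active, which is why lockouts should be time-limited and monitored rather than permanent.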
Miscellaneous errors are another simple threat with major consequences and occur when protected data is sent to the wrong person.
Just think about the pure volume of protected data such as social security numbers of clients and beneficiaries, financial account information and corporate data exchanged every day in this sector – both electronically and physically – and what could happen if it falls into the wrong hands.
The threat from miscellaneous errors goes beyond stolen data and compromised accounts. A threat actor armed with the right information can use social engineering to impersonate both customers and companies and advance an attack.
In these cases, the security burden also falls on the end user. Be sure to update your physical mailing information and change your passwords if you have been part of a breach, and use a different password for each account. Don't let one compromised password become the master key to all of your personal and private information.
System intrusion is the most sophisticated of the top three attack methods and the most methodical: these attacks leverage malware and hacking, including ransomware, to gain access. This attack method dropped from 27% to 14% compared to 2022 because miscellaneous errors increased, but it remains a popular attack method in the finance and insurance sector.
Organizations across all industries can be proactive against system intrusion attacks by building more comprehensive intrusion prevention and detection capabilities into their network security strategy, such as Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR) and Managed Detection and Response (MDR), emphasizing automated controls that scale and improve the effectiveness of attack prevention.
This article is part of a series highlighting the most common cybersecurity incidents by industry and is based on data from the 2023 Verizon DBIR. Other articles in the series include:
It is important to note that the data referenced is from organizations that chose to disclose incidents and data breaches.
About Cybersecurity Awareness Month
Since 2004, the United States and Congress have recognized October as Cybersecurity Awareness Month to raise awareness about the importance of cybersecurity in the public and private sectors and in tribal communities. This year marks the 20th anniversary of Cybersecurity Awareness Month, and this year's campaign, Secure Our World, highlights four ways to protect yourself, your family and your business from cyber threats.
Related Resources
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
To learn more, visit our dedicated Cybersecurity page or contact the team at [email protected].
Want to stay informed? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.