Financial sector under attack by ransomware; SANS Institute
For the first time, ransomware has overtaken phishing as the top cyber security risk for the financial sector
The SANS Institute revealed that ransomware has for the first time overtaken phishing as the top cyber security risk for the financial sector.
The survey revealed that 55% of respondents had identified ransomware as the top attack vector with spearphishing coming in second. These attacks have caused considerable damage, with 32% of survey respondents citing losses between $100,001 and $500,000 as a result of their breaches.
According to SANS, organisations are focusing on time-tested controls such as email monitoring and security awareness training to reduce the potential for employee actions that unleash malware on their devices. They are also employing perimeter defences, endpoint protections and log management techniques to identify, stop and remediate threats.
Ned Baltagi, managing director, Middle East & Africa at SANS, said: "This year we've witnessed a dramatic rise in ransomware which has caused it to displace phishing as the No. 1 attack against financial institutions. This threat vector is particularly damaging since it places sensitive information at high risk and can be easily executed through deceptive social engineering techniques.
"Cyber security spending now accounts for a significant portion of IT budgets in the Middle East and it is encouraging to see that overall, respondents have experienced fewer high-impact security events. What remains unclear is whether they are sufficiently equipped to defend against these attacks. Just over half of surveyed organisations claim to have felt prepared or very prepared to fend off attacks and even this readiness will stand to be tested when alternative payments systems come online," he added.