Most cyber attacks on banks fail in 2020
These data are presented in the Overview of the Main Types of Cyber Attacks in the Financial Sector in 2019— 2020.
This result was achieved owing to the improvement of banks’ information security management systems and the increased professional qualifications of their employees. FinCERT information exchange, which allows for prompt provision of the relevant information to financial institutions, also helped prevent attacks at the early stage. Effective actions of the law enforcement agencies of the Russian Federation and other countries against cyber criminals are also among the reasons behind the decline in the hacker activity against Russian banks.
However, attackers have switched their focus to credit institutions’ customers, in particular to individuals. Telephones and the Internet are the main attack channels.
In 2020, the Bank of Russia identified and submitted for blocking 26.4 thousand phone numbers that attackers used to call banks’ customers. This figure is nearly twice as high as the year before (up 86%).
Moreover, last year the Bank of Russia initiated the blocking procedure against nearly 7.7 thousand phishing websites. According to the regulator, the number of fake bank websites doubled over the year: 1034 such sites were identified and submitted for blocking in 2020 vs 561 the year before. In the beginning of the pandemic, from March through May, the Bank of Russia initiated blocking of 2200 COVID-related fraudulent websites.
A hike in telephone scam cases and the number of certain types of fraudulent websites is related primarily to the pandemic and the fact that economic activity migrated online. Scammers’ activity peaked in late March — early April, when the lockdown was the strictest, judging by both the number of unauthorised transactions and the total amount of funds involved.
‘In 2020, the information security of the financial market was mostly affected by the coronavirus pandemic. While banks were generally successful in countering the attacks, their individual customers were less prepared to such an increase in the criminal activity. Phone scamming remains of the highest concern. To solve this problem, coordination between all interested organisations, including mobile operators and government institutions, is required. Banks also need to proactively inform their customers of the risks of fraud’, said Deputy Governor of the Bank of Russia German Zubarev.