Defending the fintech industry – why growing ransomware attacks call for a change in security strategy
By James Derbyshire, browser isolation expert at Garrison
Ransomware is a growing problem for fintech. In 2021, 55% of financial institutions were hit by a ransomware attack and over the past decade these attacks – which lock away critical company data until a ransom is paid – have increased exponentially.
While media attention has largely focused on threats to critical infrastructure, such as the energy, health and education sectors, it’s become clear that the rise of fintech has put such businesses at increasing risk of these kinds of attacks.
The UK’s fintech sector is the largest in Europe. It is made up of over 1,600 firms – a number that is forecast to double by 2030 – and contributes around £11 billion to the UK economy. The sector has therefore become an attractive target for cybercriminals looking for a big pay out. Additionally, although fintech businesses handle the same valuable financial data as traditional banks and financial services, their digital-centricity and international scale can make them more vulnerable to attack.
The financial and reputational impact of a ransomware attack can be devastating, and extend far beyond paying the ransom itself. By rendering key data, systems and networks inaccessible, an attack can take services offline and cause a fintech’s entire business to grind to a halt. Inaccessibility of services coupled with possible breaches of personal and financial customer data can irreparably impact a fintech’s reputation with customers, leading to a significant impact on revenues.
Relationships with partners are also at risk during these attacks. The fintech sector is increasingly integrated with traditional financial institutions, and over four in five incumbents expect to increase their fintech partnerships over the next three to five years. This means that vulnerabilities within fintechs can potentially also be exploited to compromise other financial institutions they do business with; security gaps within fintech can impact the whole financial chain. This helps explain why 70% of traditional banks say that data security in fintech is their top security concern.
To err is human
The continued success of ransomware attacks is in part due to the fact they are designed to exploit a vulnerability that can never be completely eliminated – human error. All it takes for a company’s network to be breached and for ransomware to gain a foothold in an organisation is a click on a bad link.
Many companies have turned to employee training to solve this problem. But unfortunately, the reality is that although human error can be mitigated, it can’t be removed. No matter how well trained, security savvy or conscientious the employee, each and every one of us has the ability to slip up. And all it takes is one mistake to give ransomware an opening into a business.
Enterprises also try to protect themselves by employing tools that identify and respond to malware. However, this too is a flawed approach. Firstly, these technologies can’t prevent malware from entering a business network – all they do is detect it once it has successfully found a route in. And secondly, these tools are powerless against zero-day attacks, as they can only defend against behaviour that is already known to be suspicious.
The continued rise in ransomware attacks shows that the current approach to security is broken.
Eliminating web-based attacks
The web browser is the most common attack vector for these threats. And as more and more fintechs turn to cloud-based tools and services as a way to cost-effectively scale, the threat of these web-based attacks is on the rise.
Concurrently, the threat surface of the browser is growing due to its increased functionality, which makes the app highly vulnerable to malware attacks. Although a whole host of security measures have been built into the browser, these fall short of resolving the security issues.
Browser Isolation is a tool growing in popularity with companies looking to defend against web-based threats. The technology is a category of security control that allows users to access web content without putting their devices at risk of web-based malware attacks, meaning that employees are immune from threats such as phishing emails with malicious links.
The tool creates an impermeable barrier between the user’s device and the internet, meaning that the user never comes into contact with risky code, even if they click through to a compromised webpage. It is enabled by a technique called ‘Pixel Pushing’ which converts the browsed web content into pixels. For the end user, the browsing experience remains unchanged, but the web-based security threat is eliminated – users are in fact seeing an interactive video in lieu of the web page, thus removing any possibility that they come into contact with malware.
At the heart of Browser Isolation is a security model that does not rely on detection. Instead the Isolation model takes a Zero Trust approach and assumes that all content is malicious unless there is good reason to believe otherwise.
Protecting customers, protecting business
The success of the sector has led to fintech becoming a treasure trove for threat actors looking to wreak havoc by holding financial and personal data to ransom. The UK has one of the highest fintech adoption rates globally, and the pace of customers turning to fintech services shows no sign of slowing – 14 million adults bank use digital-only services, a number that is predicted to rise to 23 million by 2027.
At the same time, successful fintechs are continuing to scale rapidly. Revolut, for example, now has 20 million customers – ten times the number it had in 2018 – while Starling Bank has almost 3 million. But as they grow so does their potential attack surface.
Zero Trust security strategies need to be put in place to mitigate the growing ransomware threat and to ensure that fintech businesses – and the customers they serve – are adequately protected.
Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.