Smaller firms more vulnerable to cyber threat, claims Beazley

There has been a sharp increase in hacking and malware attacks on financial institutions in the first six months of 2016, particularly on institutions with revenues below $35 million, Beazley has said in a report.

Beazley has published its Beazley Breach Insights report for July 2016 based on its response to customer data breaches, Beazley Breach Response (BBR) Services unit.

The specialised BBR Services unit discovered a sharp increase in hacking and malware on financial institutions, especially aimed at banks and credit unions.

There was a persistent level of hacks in the healthcare, higher education and retail sectors compared to 2015.

Throughout the first half of 2016, Beazley’s BBR Services managed to uncover 955 data breaches on behalf of clients, whilst there were 611 breaches during the same period last year.

It picked up 139 of these breaches across financial institutions, with the most common targets being smaller institutions with revenues under $35 million.

During the first six months, Beazley’s portfolio calculated 31 percent of data breaches being hacked across all industries, almost the same figure of last year, which was 32 percent.

In 2015, hacking and malware attacks accounted for 27 percent of the breaches for financial institutions, whereas in the first half of this year that figure rose to 43 percent.

Banks and credit unions with less than $35 million in yearly revenues accounted for 81 percent of hacking and malware breaches at financial institutions in 2016, a huge increase from 54 percent of incidents that were represented in 2015.

Within healthcare organisations, breaches caused by unintended disclosure represented 42 percent of all industry incidents in 2016 until now, a sharp increase from 30 percent in 2015.

This is linked with the large amount of information shared between organisations within this industry. 17 percent of healthcare breaches were caused by hacking or malware in 2016, whereas there were 27 percent in 2015.

The rate of hacking and malware in the retail industry remained high, accounting for 49 percent of all retail data breaches handled by BBR Services in 2016, compared to 55 percent in 2015.

Ransomware attacks increase consistently, with twice as many attacks in the first six months of 2016 (86) than Beazley handled in all of 2015 (43).

“The persistent high levels of hacking and malware attacks are a reminder that all organisations in all industries need to have plans ready to respond when a breach occurs,” said Katherine Keefe, global head of BBR Services.

“The large increase we’ve observed in hacks aimed at financial institutions is noteworthy. Smaller banks and credit unions that typically have fewer defenses against these breaches are becoming bigger targets and need to be prepared.”

Keefe suggested that financial institutions enhance their technology defenses as well as the training afforded to employees on cyber security and threat awareness.

Keefe added: “There is a lot they can do to protect themselves, but the sobering reality is that not every breach can be prevented and businesses – including financial institutions – should have robust plans for managing breaches should they occur.”