Money could not bear the silence – Newspaper Kommersant No. 33 (7478) of 02/22/2023
[ad_1]
Last year, the number of leaks in the financial sector increased by 1.7 times, while the amount of stolen personal data increased by 32 times at once. The share of external attacks more than tripled, to 75%, while the share of leaks of information constituting a trade secret grew at the same time. Experts partially explain the dynamics by the fact that recent statistics take into account incidents more fully. They do not expect a significant improvement in the situation, believing that in the future fraudsters will interact more closely with employees of the financial institutions themselves. Moreover, more and more leaks occur not from banks, but from investment companies, payment services and crypto exchanges.
Kommersant got acquainted with the InfoWatch study on leaks in the financial sector, according to which in 2022 their number increased by 1.7 times, to 48 cases.
The number of compromised personal data records (PD) and payment information compared to 2021 grew 32 times at once – from 1.4 million records. up to 44.8 mln.
Andrey Arsentiev, head of analytics and special projects at InfoWatch, explained that the results are primarily due to several large cyberattacks, each of which resulted in the theft of millions of records. At the same time, the manager of the RTM Group, Yevgeny Tsarev, believes that the number of incidents has not actually increased, especially by 1.7 times. “Before, there were more leaks than registered, now the statistics have begun to approach reality,” he explains.
At the same time, according to InfoWatch, the shares of various segments in which information was leaked also changed – the share of banks, MFIs and insurance companies decreased (from 92.8% to 66.5%), while the share of investment companies, payment services and crypto-exchanges increased. Yevgeny Tsarev confirms that there are fewer leaks from banks both in quantity and in records. However, in his opinion, “until the system of regulation of large holders of personal data is built, leaks will occur.”
The data of financial sector clients is of particular value to fraudsters, which is why they occupy a large share in the total amount of leaks.
In particular, according to Roskomnadzor, in 2022 in Russia there were about 150 major leaks of personal data in various business segments. According to the Central Bank, last year fraudsters stole more than 14 billion rubles from bank accounts of citizens and companies, and returned only 0.6 billion rubles of them. At the same time, the share of social engineering in fraudulent transactions began to decrease (see “Kommersant” dated February 14).
The InfoWatch study also notes that in 2022 the share of leakage of personal data that is actively used in social engineering decreased from 96.4% to 82.6% of cases. At the same time, from almost zero to 13%, there was an increase in the share of information constituting a trade secret. According to Andrey Arsentiev, this happened due to a shift in the threat vector towards external intruders. “As a rule, an ordinary bank manager does not have access to information classified as “trade secrets” (investment plans, closed reports, etc.), and hackers can get to such data through complex schemes,” he explains. According to InfoWatch, last year there was more than a threefold increase in the share of leaks caused by external intruders (primarily hackers), from 21.4% to 75%.
However, Rustem Khairetdinov, deputy general director of Garda Technologies, believes that the division into internal and external factors is conditional. “Any external attack has internal reasons – a negligent attitude to the security of users who respond to social engineering, administrators setting up protections and infrastructure, as well as software developers who do not follow the principles of secure development,” he notes. InfoWatch is also increasingly using the term “hybrid vector”.
“External attackers are increasingly entering into a criminal relationship with company employees, motivating them to steal information in demand on the black market, or hack corporate networks with their help,” the study says.
At the same time, Alexey Lukatsky, business consultant for information security at Positive Technologies, notes that it is quite difficult to make any forecasts on the basis of 2022 analytics. Military operations in Ukraine and Western restrictions created specific conditions: hackers created a large number of fake resources that “helped” Russian citizens carry out certain financial transactions, for example, with foreign financial institutions, online stores, etc. “Citizens began to change familiar platforms to new ones, many of which turned out to be fraudulent,” says Mr. Lukatsky.
At the same time, experts do not expect radical positive changes in the field of data leaks. According to Semyon Botalov, a junior analyst at the Public Leaks Research Group and IM Group-IB, “we do not record a decrease in the intensity of attacks on financial companies in any area, and in the near future the number of leaks is unlikely to decline, given the situation in the world and insufficient security company assets.”
[ad_2]
Source link