Financial Services Industry Is Top Target for Cyber-Attackers | eWeek

Cyber-Attackers Continue Assault on Financial Services, IBM Reports

Vulnerabilities
May 3, 2017
2 minute read
eWeek Inhalte und Produktempfehlungen sind redaktionell unabhängig. Wir können Geld verdienen, wenn Sie auf Links zu unseren Partnern klicken. Mehr erfahren


Cyber-Attackers Continue Assault on Financial Services, IBM Reports

Cyber-Attackers Continue Assault on Financial Services, IBM Reports

Financial services is typically one of the most targeted industry verticals by cyber-attackers, and 2016 was no exception. In fact, according to a new report by IBM Security, the financial services industry was attacked more than any other industry last year. On a positive note, however,  the average financial services company that IBM monitors experienced fewer security incidents in 2016 than they did in 2015. IBM Security released the new report on financial services security trends on April 27, providing insight into the types of cyber-attack methods and exploits being used on financial services companies. In this slide show, eWEEK takes a look at some of the highlights of the research from the IBM X-Force Research team.


Financial Services Remains a Top Target

2 - Financial Services Remains a Top Target

According to IBM, the financial services industry was attacked more in 2016 than any other industry vertical. IBM defines a security event as an activity on a system or network detected by a security device or application.


Security Incidents on the Decline

3 - Security Incidents on the Decline

While the overall number of attacks on financial services grew in 2016, IBM reported a decline in the volume of security incidents. IBM defines a security incident as an attack or security event that was reviewed by IBM security analysts and deemed worthy of deeper investigation. The average financial services client monitored by IBM had 94 security incidents in 2016, down from 192 in 2015.


Advertisement

Insiders Are Increasingly to Blame

4 - Insiders Are Increasingly to Blame

IBM found that in 2016, more financial services attacks could be attributed to insiders, though the majority of the insider attackers (53 percent) were labeled by IBM as being inadvertent actors.


Injection Is the Top Attack

5 - Injection Is the Top Attack

The leading type of attack method used against financial services organizations in 2016 was various forms of input or command injection.


Shellshock Shocked Financial Services

6 - Shellshock Shocked Financial Services

Looking deeper into the types of injection attacks that impacted financial services organizations in 2016, IBM reported that the Bash shell vulnerability known as Shellshock was responsible for just over a quarter of all attacks.


Attackers Manipulated Data Structures

7 - Attackers Manipulated Data Structures

Following injection, manipulation of data structures was the No. 2 type of attack against financial Services organizations in 2016. Among the classes of attack that fit into this category were buffer overflow vulnerabilities.


Organizations Around the World Were Attacked

8 - Organizations Around the World Were Attacked

Among the global attacks highlighted in the IBM report is the $81 million attack against banks in Bangladesh.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Eigentum von TechnologyAdvice. © 2026 TechnologyAdvice. Alle Rechte vorbehalten

Werbetreibenden-Offenlegung: Einige der auf dieser Website erscheinenden Produkte stammen von Unternehmen, von denen TechnologyAdvice eine Vergütung erhält. Diese Vergütung kann beeinflussen, wie und wo Produkte auf dieser Website erscheinen, einschließlich beispielsweise der Reihenfolge, in der sie erscheinen. TechnologyAdvice schließt nicht alle Unternehmen oder alle auf dem Marktplatz verfügbaren Produkttypen ein.