Cyber Security

Cyberattacks cost financial firms $4.7M on average last year: report



Dive Brief:

  • About 70% of financial services firms have faced a cyberattack over the past year, as remote work and COVID-19 led to increased activity and weaker endpoints, according to research conducted by the Ponemon Institute and sponsored by Keeper Security. The report was based on a survey of 2,215 IT and IT security professionals in the U.S., U.K., DACH, Benelux, Scandinavia, Australia and New Zealand.
  • The attacks have cost financial institutions an average of $4.7 million, about 75% more than the similar costs for other organizations, according to the report. The attacks range from credential theft and general malware to account takeover.
  • Many teleworkers exposed their companies to external attacks, using poorly secured laptops, mobile phones and other devices when they went remote, according to the report. Only 60% of financial services organizations have policies in place to regulate the security of remote employees.

Dive Insight:

Since the beginning of the COVID-19 outbreak, financial services firms have become massive targets for criminal cyberattacks and nation-state activity due to the changing nature of accessing funds or working in remote digital environments. The shift opened up more vulnerable endpoints for attack.

The switch to remote work led to a 20% increase in actual attacks and a massive 500% increase in attempted attacks, according to Darren Guccione, CEO of Keeper Security.

“The word I would use in terms of what COVID brought to the table, I would just say it was catalytic in nature,” he said in a Zoom interview. “The cybercriminals always knew that, wow, every single endpoint of an organization represents the potential vulnerability and access point for us to attack.”

The report shows financial services companies had to make a number of drastic changes in how they configured and managed their workforces, as about 58% of their workforces had to change to remote work after the pandemic, compared with 22% of their employees before the pandemic. About 33% of employees at these organizations were also furloughed due to the pandemic.

The report shows 71% of respondents said remote work put their companies at risk of a data breach, while 57% said they are prime targets for a hacker wishing to exploit a vulnerability.

A widely used method of exploiting financial services organizations is account takeover, Guccione said. This would involve getting into a personal account, taking over the username and password and withdrawing all the funds, or, as an alternative, taking over a victim’s computer and demanding a payment in bitcoin.

Another commonly seen attack involves the theft of trade secrets as part of an industrial espionage campaign.

About 31% of respondents said their organizations do not require remote employees to authenticate their identity during work. Meanwhile, of the 69% that said authentication is required, only 35% said multifactor authentication is required.

This research echoes a rising concern by companies regarding the vulnerabilities of having more than half of the workforce working remotely. The need to maintain safety and maintain a productive workforce is running up against the need to secure vulnerable endpoints and enforce existing security protocols.

Financial services firms are also dealing with other challenges, including how to securely store data in a cloud environment so that it is accessible to remote workers but remains closely protected.


Tether To Conduct An Audit To Negate Claims Concerning Transparency

The Tether general counsel has declared an official audit in a few months. USDT is a popular stablecoin occupying the third position in global digital assets. As it’s on a blockchain that cybersecurity experts deem unhackable, the majority today trusts its security.

However, many people in the crypto community have been waiting for a financial audit of the stablecoin. Now, it seems that the ongoing regulatory issues in the crypto industry have galvanized the Tether team into action. As a result, they’re declaring that an audit will take place soon.

Tether Executives Grant Media Interview

Another rare incident is a CNBC interview in which Tether CTO Paolo Ardoino and Stu Hoegner, the general counsel, participated.

During the interview, the hosts asked the duo some questions about USDT’s transparency and backing. In response, the general counsel stated that the team is working to be the first in their sector to get financial audits.

The crypto market has just turned bullish as the USDT trades in the green zone | Source: USDTUSD on

He also mentioned that the audits would come in months and not years. As for backing, he stated that the stablecoin is backed with reserves.

But Hoegner mentioned that some of the reserves are not US dollars. The reserves are more US dollars, plus other cash equivalents, secured loans, crypto assets, bonds, and others.

However, in the Transparency report which Tether published, the market cap for USDT stands at $62 billion. Even though the number has increased by 195% since 2021 started, it is still behind competitors such as BUSD and USDC.

When Circle released a reserve report yesterday, July 21, it showed that 61% of the USDC reserves are cash and cash equivalents. The remaining 39% are in treasuries, bonds, and commercial paper accounts.

Paxos Decides To Attack

Paxos is a rival to Tether and recently attacked the stablecoin and Circle through its blog post on July 21, 2021. In the post, Paxos claims that the duo is not operating under financial regulators. In its words, both USDC and Tether are simply stablecoins in name only.

To support its claims, Paxos disclosed that its stablecoin reserves are a combination of cash or cash equivalents.

But in May, Tether disclosed the total backing that USDT has: cash 3.87%, fiduciary deposits 24.20%, treasury bills 2.94%, cash equivalents, commercial papers, which make up 65.39%, plus others. This action came because US lawmakers are closely scrutinizing its operations.

Also, Tether started submitting reports about its reserves after it reached a settlement agreement with the NY Attorney General’s Office 5 months ago. The firm has continued to send these reports since then.

S Korea, US to form working group on cybersecurity – ET CISO

Seoul: South Korea said on Friday it will launch a working group on cybersecurity with the United States in order to reinforce cooperation against hacking attacks.

It is a measure to follow up on a recent summit agreement between the leaders of the allies — Presidents Moon Jae-in and Joe Biden — to bolster the partnership in countering global cyber threats.

“The government plans to strengthen the cooperative system with the U.S. by launching the cyber working group to involve relevant authorities,” Cheong Wa Dae said.

The presidential office was briefing on the results of a high-level interagency meeting to check on the nation’s cybersecurity posture.

The regular session was chaired by Suh Hoon, director of national security at Cheong Wa Dae, with vice ministerial officials of 16 government offices in attendance. They include the National Intelligence Service (NIS), the Ministry of Science and ICT and the Defense Acquisition Program Administration, reports Yonhap news agency.

The NIS said it plans to consolidate and unify the cyber attack alert systems of the military and the civilian and public sectors.

Suh cited constant reports of ransomware attacks at home and abroad and called for a thorough response.

“Amid deepening dependence on cyberspace due to COVID-19, in particular, all government agencies need to check and preemptively respond to cyber threats by unspecified forces,” Suh stressed, according to Cheong Wa Dae.

Biden’s Executive Order Strengthens Government’s Cybersecurity Practices

The Legal Intelligencer provides breaking news, analysis and trends with special emphasis on mass torts and pharmaceutical litigation for lawyers and legal pros in the Pennsylvania market



On May 12, President Joseph Biden signed the executive order on improving the nation’s cybersecurity (the order) in the wake of cybersecurity incidents affecting SolarWinds Corp., on-premises Microsoft Exchange Servers, Colonial Pipeline and JBS. In the SolarWinds attack, Russian hackers exploited a routine software update to install malicious code, allowing the hackers to infiltrate nine federal agencies and about 100 companies. Microsoft Exchange’s server vulnerabilities are estimated to have affected about 60,000 organizations. The May 6 ransomware attack on Colonial Pipeline shut down the largest oil pipeline in the United States and disrupted supplies of gasoline and fuel to the East Coast. In June, JBS, America’s largest processor of beef, poultry, and pork, paid an $11 million ransom in a cyberattack that affected one-fifth of the nation’s meat supply.

The order outlines several initiatives that will be rolled out on an aggressive timetable this year intended to enhance the federal government’s cybersecurity practices, particularly with respect to the software supply chain, and to contractually obligate government contractors to align with such enhanced security practices. The order directly impacts government contractors, including cloud service providers and software developers.

