Express Computer
Home  »  Guest Blogs  »  The biggest security threats for the BFSI sector in 2023

The biggest security threats for the BFSI sector in 2023

0 1,354

By Murtaza Bhatia, Sales Director, Cyber-security, NTT Ltd. in India

The BFSI (banking, financial services, and insurance) sector in India has undergone significant digital transformation in recent years, driven by factors such as increasing customer demand for digital services, the proliferation of mobile devices and internet connectivity, and the need to reduce costs and improve efficiency. As organizations in this sector seek to improve customer experience and stay competitive in an increasingly digital environment, the security threats have also accelerated in a similar proportion. We take a look at some of the biggest security threats for the BFSI sector in 2023:

India at the forefront of innovative phishing attacks: Phishing has been an all-time favorite of hackers, and hackers are constantly innovating to improve the efficiency of their attacks. In November 2022, Trend Micro researchers discovered a big uptick in the number of phishing attacks targeting banking customers in India. The most common method is sending an SMS with a phishing link and luring a potential customer to fill in their personally identifiable information to get reward points or refunds. The target – subscribers of seven popular banks with millions of customers. Similarly, security firm, CloudSEK’s Threat Research & Information Analytics Division (TRIAD), discovered unique phishing methods used by hackers to target the Indian banking industry. This include using Zoho forms to gain access to sensitive personal information, or Cloudfare pages to launch phishing campaigns or using Hostinger’s preview domains feature to host phishing sites and evade detection. In 2023, we expect this trend to accelerate in a big way.

Rise of customized malware for Indian BFSI firms: In 2023, we will see a rise in the number of malware that has been created specifically for targeting firms in the Indian BFSI sector. A case in point is an Android malware called ‘Drinik’ that has been created to target Indian taxpayers to steal personal information and banking credentials by impersonating the Income Tax department’s official tax assistance app. The latest version targets 18 specific Indian banks and targets only those users with legitimate income tax site accounts. This app is a sign of the times to come where cybercriminals create customized malware targeting India’s fast growing and lucrative BFSI sector.

Data breaches set to increase rapidly: India continues to lead the world in terms of real-time digital payments. The Boston Consulting Groupfor example, predicts that India’s digital payments market will expand more than thrice from the existing $3 trillion to $10 trillion by the year 2026. As more Indians pay using digitally, the number of data breaches will increase substantially. In August 2022, the Indian Government informed the parliament that Indian banks reported 248 successful data breaches by cybercriminals in the period between June 2018 and March 2022. Most data breaches pertained to data related to card details leakage and theft of business and non-business information. In 2023, as more organizations get digitally enabled, we can expect data breaches to increase substantially.

Ransomware continues to remain a big threat for BFSI firms: With its ambitious digital aspirations, India continues to remain in the crosshairs of international hackers. In 2022, CERT-In reported that ransomware attacks jumped 51% in the first half of this year. With the relatively easier availability of ransomware as a service kits that enables even lesser skilled hackers to carry out attacks, ransomware will remain a huge threat for Indian banks and financial services firms in 2023. As more hackers start attacking organizations, we expect hackers to transition to bigger and larger organizations, in their quest for a larger prize.

BFSI firms will struggle to protect personal data of customers: As competition intensifies in the lucrative BFSI sector, we can expect competitors to go to unprecedented lengths to acquire customers. BFSI firms hence will be extremely challenged to protect the data of their customers. This is validated by a customer survey done by LocalCircles, a Delhi-based consumer research company, which found out that 34% of people with bank accounts were approached with offers to open similar bank accounts. The survey also revealed that more than 50% of Indian consumers suffered a personal data breach that leaked their contact details to the public. The result — they were flooded with unwanted offers like loans and insurance. In 2023, we expect this trend to accelerate as more firms vie for the same base of customers.

Recommended best practices

To address many of the above mentioned issues, we recommend some of the following best practices

  • Take an architectural approach to security. In this approach, Zero Trust should be the building block, where the first step must be to ‘trust no one and verify first’
  • Improve awareness by providing education to the customers in terms of how to use and how to verify the messages from banks or financial services organizations
  • Build in capabilities in end user apps to detect malicious attempts. Verify and prevent such communications (all communication from the bank must happen via apps and not on other channels as primary controls)
  • Build better integration and stronger authentication with Fintech solutions for ensuring secure digital payments
  • Create full stack visibility to capture malicious intent or transactions which are out of normal behavioral patterns

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image