Tag Archive for: fine

Financial Sector is the Most Targeted During Pandemic

Cybercriminals are attacking businesses like never before, and they have way more of an interest in the financial services sector than in past years. The pandemic has caused difficult financial situations for many, that includes cybercriminals too, which is why they have their targets locked on the most lucrative sector.

Remote work is part of the reason for the sudden spike in financial sector related cyberattacks. Experts highlighted remote access inefficiencies, due to the increase in the number of people working from home, as the greatest security challenge. They also mentioned virtual private network (VPN) vulnerabilities as another security challenge. These are challenges for every business but especially for remote workers in the financial sector, who must protect more sensitive information.

The financial sector was the most commonly targeted sector, receiving 51% of attacks. This was followed by healthcare (35%), professional services (35%) and retail (31%).

Because organizations in the financial services industry are entrusted with highly valuable and personally identifiable information, they are an attractive target for cybercriminals. Businesses in the financial sector have the most valuable information for cybercriminals. Such as social security numbers, bank information, insurance information, names, contact information, and addresses. All this personally identifiable information can sell for a high price on the black market.

A cybersecurity company has reported a 238% increase in cyberattacks between February and April 2020. With the financial sector receiving a majority of pandemic attacks, a cybersecurity solution is essential in the fight against cybercrime.

Protect your business from the rapid increase in cyberattacks on the financial industry

Ostra is your cyber-security-solution that offers a 360 degree, 24/7 protection that works seamlessly in the background, protecting sensitive data and communications at every access point. We offer a secure VPN connection to protect your remote workers. We also offer email protection, to protect against one of the financial sectors’ biggest threats, phishing scams.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net


Financial Sector Cybersecurity Spending Up 15% in 2020

Banks and other financial service-related businesses are spending 15% more this year to defend against cybercrime.  The pandemic and remote working are influencing this change in spending, and the number will keep increasing, a survey found.

The average spending per employee in 2019 was $2,337. That number has increased to $2,691 per employee in 2020. For example, a company like Wells Fargo with thousands of employees is paying $850 million annually on cybersecurity. This change is due to the increased need for effective cybersecurity that can defend against cyberthreats no matter where the employee is located. The financial services industry on average pays the most per cyberattack than any other industry.

The financial services industry takes in the highest cost from cybercrime at an average of $18.3 million per company surveyed. (Accenture)

Since the financial sector is one of the most targeted it makes sense that overall cybersecurity spending has only increased in the last 5 years. The sector has also been the most targeted sector in the last few years as well.

Improve your cybersecurity without breaking the bank

With cybersecurity spending only going to increase nationally in the next years, it is important for your business to keep systems up-to-date and secure. Ostra is a software solution that knits together the top security solutions in the industry. We leverage known platforms such as FireEye and Palo Alto, to create a sphere of protection for your business and employees, no matter where they are located or what machine they are on.

Comprehensive cybersecurity made simple & affordable.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net


The Biggest Cyberattacks on the Financial Services Industry

The financial services industry is one of the most targeted out of all industries for cybercriminals. It is the most lucrative industry for cybercriminals to attack, which is why it is the most important to defend. These are a few of the biggest cyberattacks in recent years.

The Capital One Data Breach

In March of 2019, a hacker gained access to the Capital One server by a misconfigured firewall. The hacker could access credit card applications all the way back to 2005. It took Capital One 4 months to detect the breach. In July of 2019, Capital One found that a former tech worker gained access through the vulnerability and had been stealing data since March.

What was exposed?

According to Capital One, 140,000 social security numbers and 80,000 bank accounts were leaked in the United States. Over 1 million Canadian social insurance numbers were also exposed. The exposed data cost Capital One, hundreds of millions of dollars in damages.

How they could have prevented it?

Experts agree that this attack was very preventable if Capital One had correctly configured their firewall and ensured there were no vulnerabilities. A cybersecurity program like Ostra helps prevent data breaches by always running seamlessly in the background and protecting all digital entry points. Ostra detects and responds immediately to any threat.

The First American Financial Corporation Breach

Last May, the website for First American Financial Corp. was breached by hackers. The breach occurred due to an error in the backend of their website, specifically in the document management system, making it easy for any hacker to access. Being a financial company, their servers are full of private and extremely sensitive information dating back years.

What was exposed?

It is reported that the data breach exposed over 885 million financial records related to real estate deals. All the way back to 2003, that’s 18 years of sensitive information. These documents were made viewable to absolutely anyone. The leaked documents included emails, phone numbers, names, addresses, and financial information.

How could they have prevented it?

Penetration tests conducted by First American found this vulnerability in 2018 but failed to prioritize the fix for it. The company failed to patch any weaknesses, and they really paid for it. Not only did this breach cost them millions in damages, but they could be facing steep fines for rule violation by financial regulators. First American could have prevented this issue if they acted immediately instead of waiting to secure their weak spots. Websites are a huge vulnerability for the financial services industry, as they are the gateway to data breaches like this one.

Ostra’s cybersecurity solution can prevent weak spots from being exposed. Ostra allows systems to update & patch automatically with no business interruption or end-user engagement needed.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net




Cybersecurity Training Company SANS Hit by Phishing Attack

The cybersecurity training company SANS has fallen victim to a data breach. The attack started after a successful phishing scam against one of SANS employees. The breach compromised over 28,000 records of personal identifiable information, like names, emails, phone numbers, and addresses. No sensitive information like credit card info or login credentials were exposed.

The cybersecurity training company detected the breach during a systematic review of its email configuration. Where they found that 513 emails were forwarded to an unknown email address. This means that the company did not even know there was a breach until they found it on accident. “After finding the activity, SANS said it’s IT and security team deleted the forwarding rule as well as a malicious O365 add-in”. This breach is surprising for a company like SANS, whose employees should be very informed and alert to phishing scams.

This incident shows that no organization is immune from a cyberattack, even companies that specialize in the information security industry. Phishing attacks rely on human error which is what makes social engineering attacks so dangerous to organizations. If an employee at a cybersecurity training company can fall victim, then so can anyone else.

Many employees are working from home which can make it hard to conduct the cybersecurity training necessary.

”With remote working, the proper training is more essential than ever. In the case of phishing attacks, training should include phishing simulations where employees are taught how to respond to suspicious emails.”

Even with extensive employee training, training just isn’t enough.

Protect your business with a cybersecurity solution

With today’s increased risk of a phishing scam it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Your business has a greater chance now than ever to be targeted for a phishing scam or worse. Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do.

Ostra protects your company from all threats including the number one way attacks can happen; email.

Want to find out more? Contact us today at protection@ostra.net

News Article

Twitter Could Pay $250 Million for Using Private Information for Advertising

Twitter could be paying a hefty fine to the U.S. FTC for its use of private information (phone numbers and emails) in targeted advertising campaigns. This fine comes after the FTC filed a complaint against Twitter for using “phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019”.

Many Twitter users have voluntarily submitted both their phone number and email to better secure their accounts with two-factor authentication. Usually when creating an account. But the users had no idea their information would be used in advertising campaigns. Twitter has now stopped requiring users to submit their phone number.

Twitter has said that its most recent breach has affected its business with advertisers. This is an issue that has occurred with many other social media companies, for example, the Facebook-Cambridge Analytica data scandal.

Protect your email

Email inboxes are the most common entry-point for ransomware attacks. Twitter being caught distributing private information like email addresses means that cybercriminals most likely have access to this information now too. Especially with the recent Twitter data breach, nobody knows what kind of information has been stolen.

Ostra protects your company from all threats including the number one-way attacks can happen; email.