AUSTIN, Texas, June 23, 2015 /PRNewswire/
-- Raytheon|Websense, a global leader in protecting
organizations from the latest cyber attacks and data theft, today
announced the release of the Websense Security Labs™ 2015 Financial
Services Drill-Down Report examining the current state of cyber
threats and data-stealing attacks against financial services
institutions (FS). The research reveals a high degree of
specialization among criminals attacking financial services, a huge
investment in the lure attack phase and the specific and anomalous
attacks pointed at global targets dealing in finance.
"The famous quote, attributed to bank robber, Willie Sutton that he robbed banks 'because
that's where the money is' applies to cybercriminals as well,"
said Carl Leonard, Websense
principal security analyst. "For years, this industry has been
under attack by highly specialized groups of criminals. By
analyzing the actions and attack patterns prominent and anomalous
to this industry, we can share this knowledge to more effectively
protect our customers' data and assets."
By analyzing data on attack patterns unique to specific
industries, Websense researchers gained new insight into attack
patterns, structures and tendencies against the financial services
sector. The top findings from the Websense Security Labs 2015
Financial Services Drill-Down include:
Financial Services Encounter Security Incidents 300 Percent
More Frequently Than Other Industries: Under constant barrage
by cybercriminals, the number of attacks against the Finance
sector dwarfs the average volume of attacks against other
industries by a 3:1 ratio. Further, the sophistication and
persistent nature of the attacks continues to challenge security
professionals.
Thirty-three Percent of All Lure Stage Attacks Target
Financial Services: Hackers are spending a huge amount of
resources targeting financial services with a disproportionate
amount of reconnaissance and lures. One in three incidents
identified as lures by the Websense Security Labs are directed at
this industry.
Credential Stealing and Data Theft are the Primary Objective
of Criminals: As one would expect with financial services, data
theft and credential stealing attacks are paramount to the
attackers. When analyzing the top threats facing this industry,
researchers noted that most had some data and credential-stealing
elements. By volume, the top threats seen in the finance sector
include: Rerdom; Vawtrack; Geodo. Interestingly, the Geodo malware,
with its own credential-stealing email worm, is seen 400 percent
more often in Finance than other industries.
Fraudsters Switch-up Campaigns Frequently to Outfox Banking
Security Measures:
Obfuscation and search engine
optimization poisoning continue to be more prevalent in attacks
against financial services than other industries as a whole.
Patterns in attack campaigns shift on a month-to-month basis,
including huge spikes in malicious redirection and obfuscation
detected in a wave of attacks in March
2015. This highlights an attack methodology designed for
campaigns to be harder to detect and analyze by those charged with
securing the finance sector. In addition, cybercriminals maintain a
constant barrage of low-level attacks to keep security pros
occupied dealing with a tremendous volume of background noise while
targeted attacks are simultaneously occurring.
The US Hosts the Most Threats to Financial Services: In
addition to fluctuations in campaign types, the host countries of
the attacks fluctuate significantly on a monthly basis. While the
majority of the compromised hosts attacking the sector are
consistently in the US, the geographic origin of specific campaigns
fluctuates. Fifteen different countries have rotated through the
top five attack geographies in the last five months alone. The
report further details month-to-month changes in attack
patterns.
Financial Services Ranks Third Among Industries for Targeted
Typosquatting: Websense researchers have seen an increase
in the use of typosquatted domains in targeted attacks against
financial services, usually combined with strong social engineering
tactics. When comparing more than 20 industries, the finance
industry claimed the third highest number of targeted typosquatting
incidents. The report identifies and describes the top
typosquatting techniques used in these targeted attacks.
The report also examines a possibility that the increasingly
global economy and cyber insurance adoption may be hindering
effective security measures, and provides more metrics, data and
visualizations of attacks against financial services.
To download Websense Security Labs 2015 Financial Services
Threat Drill-Down Report please visit
http://www.websense.com/content/2015-finance-industry-drilldown.aspx
About Websense, Inc.
Websense, Inc. is a global leader in protecting organizations
from the latest cyber- attacks and data theft. Websense TRITON®
comprehensive security solutions unify web security, email
security, mobile security and data loss prevention (DLP) at the
lowest total cost of ownership. More than 11,000 enterprises rely
on Websense TRITON security intelligence to stop advanced
persistent threats, targeted attacks and evolving malware. Websense
prevents data breaches, intellectual property theft and enforces
security compliance and best practices. A global network of channel
partners distributes scalable, unified appliance and cloud-based
Websense TRITON solutions.
To access the latest Websense security insights and connect
through social media, please visit www.websense.com/smc. For
more information, visit
http://www.websense.com and www.websense.com/triton.
About Raytheon|Websense
On May 29, 2015, Raytheon Company
(NYSE: RTN) and Vista Equity Partners completed a joint venture
transaction creating a new company that combines Websense, a Vista
Equity portfolio company, and Raytheon Cyber Products, a product
line of Raytheon's Intelligence, Information and Services business.
The newly-formed commercial cybersecurity company will be known on
an interim basis as Raytheon|Websense. The company expects to
introduce a new brand identity upon completion of standard
organizational integration activity.
Contacts
Susan
Helmick
Websense Public Relations
shelmick@websense.com
Hally Wax
Websense Public Relations
hwax@websense.com
To view the original version on PR Newswire,
visit:http://www.prnewswire.com/news-releases/websense-security-labs-reveals-top-cyber-threat-trends-in-2015-financial-services-drill-down-report-300103233.html
SOURCE Websense, Inc.