By Allen Eaves, Managing Director of Information Security and Technology at Jack Henry

The total global loss caused by cyber criminals is expected to reach $30 billion by 2023; and this is only growing in the years to come. In fact, cybercrime is said to cost the world $10.5 Trillion by 2025, making it vital for financial institutions to continue to prioritize cybersecurity spending. 

The evolution of technology is moving fast, and unfortunately, while this is great for the industry as a whole, new technology means new doors are open for cyber criminals to enter and attack. They’re finding new entryways to cloud-based networks, targeting unpatched or software vulnerabilities to extract data, and breaking through non-traditional entry avenues such as cryptocurrencies and decentralized finance (DeFi) systems.

Below outlines what cyber tactics financial institutions should keep an eye on along with strategies to prepare and fight cybercrime as we head into the new year:

Ransomware will remain a top threat

Every 14 seconds one ransomware attack occurs. Ransomware is a major, successful business of its own. Hackers have been exploiting the public’s interest about ongoing crises, embedding ransomware into phishing emails and using pandemic, inflation, and war-related news as a front to entice victims to click on the malicious links. Even with the global awareness of ransomware and malware, and the ever-increasing vigilance of IT teams, the most common entry point for ransomware continues to be users accidentally clicking malicious links, visiting insecure websites, or engaging with phishing emails.

When a bank or credit union is hit with ransomware or another type of cyberattack, the potential for loss is great; and that’s not just financial loss. Attack-induced system outages can last weeks or months, leading to stalled business growth, unprocessed loans, and lost customers who feel their money is no longer safe with their institution. Financial institutions need a modern technology approach to better detect, mitigate, and prevent cybersecurity risks in today’s ever-changing and complex IT and security environment. Those who embrace new and safer technologies, like cloud-based systems, will be able to more confidently and securely serve their accountholders. 

The cybersecurity stigma is worsening

It’s nearly impossible to accurately gauge attack trends because so many incidents never publicly come to light. In 2021, 65% of data breaches went undetected worldwide. There is a sense of secrecy and shame for consumers when they fall victim. The disconnect between what actually happens when an organization becomes a cyberattack victim and what the public thinks happens is strong. Cybersecurity acts are complex and invisible and carried out by highly skilled, sometimes state-sponsored groups that are becoming more sophisticated. It’s no longer just the stereotypical basement hacker in a hoodie. 

The stigma needs to be removed. Cybersecurity education and incentives tailored to the financial institution and accountholder’s needs is a good place to start. Developing a culture of openness where both employees and accountholders are not afraid to be totally transparent about the suspicious activity they encounter online is key. With the education tools and training in place, financial institutions can become a valuable trusted advisor for accountholders and employees – not only when it comes to making smarter financial decisions, but also in providing a secure environment for accountholders to conduct their banking tasks.

Regulatory pressures are putting more stress on financial institutions

In response to the economic crisis, regulators are strengthening their oversight of banks and credit unions. Institutions need a strong defense system and education materials in place to protect themselves and accountholders from falling victim to bad actors. A strategic technology partner will provide great value here monitoring and reviewing upcoming regulatory changes to ensure the financial institution has the proactive measures in place that match their business needs and tolerance for disruptions.

Uptick in Cyberattacks and Fraud Happening Simultaneously

There has been a rise in multiprong attacks where we see fraud attempts alongside cybersecurity attacks, especially at financial institutions. While we have seen cyberattacks paired with fraud attempts for the last decade, we are now seeing another wave of fraudulent activity timed alongside ransomware attack and/or DDoS attacks. Effectively, cybercriminals have found that while an organization is focused on business continuity and managing an ongoing cyber incident there are often increased opportunities for carrying out a fraud scheme.

Consumers already have enough stress and anxiety about their finances in light of the recession. Rather than worrying about if their data is safe, they should be focusing on how to save and live a healthy financial life. Financial institutions need to place a sense of urgency on investing in the right technology that can help identify gaps and protect their systems vulnerable to internal and external threats, allowing them to focus more on becoming the center of their accountholders’ financial lives. 

Allen Eaves is the Managing Director of Information Security and Technology at Jack Henry. Jack Henry (NASDAQ: JKHY) is a leading SaaS provider primarily for the financial services industry.