{"id":10470,"date":"2018-02-28T05:00:05","date_gmt":"2018-02-28T10:00:05","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/?p=10470"},"modified":"2020-04-10T15:42:24","modified_gmt":"2020-04-10T11:42:24","slug":"financial-threats-report-2017","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/financial-threats-report-2017\/10470\/","title":{"rendered":"Looking at the financial cyberthreats of 2017 through a business lens"},"content":{"rendered":"

Our experts analyzed the financial cyberthreats of the past year and published a thorough report on Securelist. The most disturbing fact for financial institutions is the rise of business target share: 19% of banking malware<\/a> victims were corporate users. <\/p>\n

Apparently, cybercriminals began to shift their interest from consumers to businesses. It may be harder to infect businesses with malware, but it is definitely more profitable, because if they gain entry, they can get access to a company\u2019s financial resources. Although we saw a significant decrease last year in the number of financial malware victims (a 30% drop for the PC platform, 15% for Android) the share of corporate targets has risen. Now almost every fifth banking malware attack is focused on the corporate sector. In particular, we have registered a rise of ATM malware cases.<\/p>\n

However, phishing remains cybercriminals\u2019 favorite trick. Financial phishing usually targets consumers, but banks and payment systems also suffer when their clients are deceived. Last year we saw an increase in financial phishing: Our technologies detected 246,231,645 attempts to visit various kinds of phishing pages, and 53.8% of them tried to mimic banks, payment systems, or online stores.<\/p>\n

Another threat you should be aware of is a supply-chain attacks. As shown by the cases of ExPeter and ShadowPad, malefactors can infect with Trojan updates for the software that is used in financial institutions, among other places.<\/p>\n

You can find the complete report on Securelist<\/a>.<\/p>\n

Advice you can use<\/h2>\n

Your corporate infrastructure needs a multilayered and complex protection system. Every node in your network should be protected: from employees\u2019 workstations to servers, from ATMs to the queuing system\u2019s information panels. Endpoint protection is just a start; advanced detection and response technologies are necessary as well. On top of those, layer the following best practices:<\/p>\n