Big cyber heists make big headlines, but increasingly hackers are going after smaller financial firms, those with less than $1 billion in annual revenue, according to a recent report.

Although 53 percent of cybercrime perpetrated against financial institutions in the past five years has been against firms making more than $1 billion yearly, since 2012 the average target company size has decreased 28 percent, according to figures gathered by Nationwide and Advisen.

In just one year—from 2015 to 2016—the increase in malicious data breaches rose 40 percent, the two companies said, with the number of network disruptions jumping 68 percent. And while data breaches make up the largest percentage (36) of cyber incidents since 2012, fraudulent use/account access accounts for only 1 percent.

Source: Nationwide, Advisen

During the first half of 2016, one cyber-response company saw a 56 percent jump in the number of data breaches (955 vs. 611) compared to the same period of 2015. Financial institutions, particularly those with less than $35 million in revenue, were targeted by hackers most aggressively, according to Beazley Breach Response (BBR) Services.

BBR said the smaller firms are increasingly becoming a target because they are the “more vulnerable institutions.” Banks and credit unions with less than $35 million in annual revenue accounted for 81 percent of hacking and malware breaches at financial institutions in 2016 compared with 54 percent the year before, BBR said. “Hackers are increasingly targeting smaller financial institutions with less robust data security systems and personnel than larger banks,” BBR said.

Banking Sector Big Target

One of the most active malicious cybercrime actors is North Korea, and the nation’s army of hackers is increasingly focusing on the banking sector. The country has been linked to substantial cyber attacks on banks in 18 countries.

Cyber attacks on the global financial sector have reached such proportions that they’ve caught the attention of the G20. In March, the world’s largest economies pledged to work together to fight cyber attacks on the banking system. The move was spurred on by the $81 million heist last year that targeted the Bangladesh central bank.

“We will promote the resilience of financial services and institutions in G20 jurisdictions against malicious use of information and communication technologies, including from countries outside the G20,” the group said in a statement obtained by Reuters.

The global SWIFT bank transfer network has come under increasing attack, according to Reuters, recording a “meaningful” number of attacks; about 20 percent of those attacks result in the loss of funds.

The EU is also considering testing the cyber defenses of banks, Reuters said, owing to the growing vulnerability of the banking sector to malicious online activity.

Top Threats to Financial Institutions

The Cybersecurity Association of Maryland advises financial institutions to be wary of these top 5 threats:

• Unencrypted Data—Sensitive data that wasn’t properly encrypted created an expensive problem during 2015’s many financial data breaches. Essentially, stolen data could immediately be used by hackers after a data breach—unless the data was properly encrypted, that is.
• New Technology Without Security—New technologies, such as the Internet of things, always create new cybercriminal opportunities. For example, 2015 saw medical devices, connected cars, and even toys fall victim to either real or hypothetical attacks. CCTV cameras can be turned into botnets designed to attack banks.
• Third Party Services—Financial institutions intertwine services from multiple vendors, partners, and other third parties. Unfortunately, some of these third-party services can place its partner institutions at risk if they become compromised. Though regulators in both the United States and European Union are trying to decrease this risk, acting now is smarter than waiting for government regulations.
• Being Unprepared for New Forms of Hacking—As even minor errors can lead to millions or billions of dollars in damage, a new type of attack puts financial institutions at high risk. Attackers have started deliberately changing or manipulating data during hacking incidents. In many cases, this is even more damaging than deleting data because it makes data untrustworthy.
• Unsecured Mobile banking—The last few years have seen mobile banking explode in use by consumers. However, storing sensitive information on user devices presents a major security risk (especially on rooted or jailbroken devices). How can financial institutions deliver greater convenience to their customers while preventing malware or other device comprises from accessing sensitive data?