ATM security relatively low concern for FIs – Report

Banks show surprisingly low levels of concern regarding the threat of financial loss due to attacks on ATMs, despite high vulnerability to such attacks, according to Kaspersky Lab.

Only 19 percent of banks are concerned with attacks on ATM and cash withdrawal machines, despite the growing rate of malware targeting the channel, according to the cybersecurity firm’s 2016 threats review.

Kaspersky reported 20 percent growth in ATM malware in 2016 compared
with 2015.

Kaspersky Lab research also underscores the important role financial customers’ play in highlighting security incidents, the cyber security firm said. In a report from the firm’s Financial Institutions Security Risks survey, nearly one-quarter (24 percent) of financial
institutions reported that some of the threats they faced in 2016 were identified and reported to them by a customer.

For the survey, Kaspersky Lab and B2B International surveyed 841 business representatives from financial services businesses across 15 countries, and found that FIs are under considerable pressure to ramp up security with the adoption of mobile banking.

The report highlights mobile banking as a trend that can expose banks to new cyber threats. Forty-two percent of banks predict that within three years, mobile banking will be the main form of customer interaction for servicing accounts. More than half (61 percent) saw
improving the security of customer-facing apps and websites as a main  ecurity priorities, closely followed, at 52 percent, by the implementation of more complex authentication and verification of log-in details.

Sixty-four percent of banks said that they will invest in improving their IT security regardless of the return on investment, in order to meet the growing demands of government regulators, top management and even their customers.

“Combatting the constantly changing threats targeting their own IT infrastructure and customer accounts is an everyday challenge for financial institutions,” said Veniamin Levtsov, Kaspersky Lab vice president of enterprise business, in a release.

“To put an effective response in place that protects all points of vulnerability requires the financial services industry to have several key components: Build a highly integrated ant targeted attacks protection; embrace multichannel antifraud security; and get
actionable intelligence on evolving threats.”