Bank information security threats

Apply for SearchInform DLP TRY NOW

Information security of a bank is a set of actions aimed at preventing leakage of customer and organization data, as well as the content of corporate documents.

Protecting banks from information leakage is one of the main tasks of the security service of a financial institution. Without a full range of information security measures, full-fledged activity and interaction of the bank with clients is impossible.

Bank information security objectives

The security policy of any bank has at least four objectives:

  1. Create and establish a system of work for all banking divisions and promptly prevent signs of information leakage.
  2. Distribute information by categories of secrecy with different access labels: public, official, commercial secret.
  3. Develop measures to prevent theft of financial assets and bank property.
  4. Maintain the stable operation of technical facilities.

Security threats

Failure to comply with the information security policy creates typical types of threats to the bank's security, which lead to disruptions and create conditions for serious data leaks, loss of money and other assets.

Mobile banking

A modern bank provides clients with tools for managing cards and accounts via the Internet. Therefore, the security system of a web resource should include encryption at any stage of user interaction with the system: authorization, making changes to the account, payment, transferring money and other operations.

However, the threat of data leakage through mobile banking is not only a consequence of a vulnerability in the protection of the site, but also arises from the ignorance of the users themselves. Scammers fraudulently gain access to personal accounts. From 2015 to 2018, at least 100 of the world's largest banks, including Bank of America, were hit by a massive customer data breach. Most of the incidents occurred due to the fact that users inadvertently revealed passwords and phone numbers "tied" to Internet banking.

The security service of a financial institution is able to reduce the number of such fraud cases. It is enough to regularly remind users of the prohibition to transfer personal data to third parties.

Social networks

Despite fundamentally different areas of activity, banks and social networks in combination often become a real threat to the information security of client accounts. Fraudsters on social networks try to find out personal data from the owner himself and hack the pages of other users in order to find classified information in private messages.

Social networks can become a channel for disclosing corporate secrets of the bank. The likelihood of a leak increases many times over when employees communicate on work topics in private messages. Therefore, it is recommended for bank employees to create a local system for transferring messages, files and data, which will work only within the protected environment of a bank office or even several departments.

Bank staff should be aware of possible risks, how important information can be inadvertently disclosed and what to do to prevent this from happening.

Malicious programs

This group of threats to the bank's information security includes virus software, botnets and DDoS attacks. The attacks are most often directed at the official websites of banks, Internet banking and local working networks of financial institutions. Regardless of the vector of attacks on banks, they are designed with one goal in mind - mass theft of funds.

The hackers behind the spread of virus software are not interested in the accounts of a particular user, but in the organization's cash flows. In 2017, cybercriminals used attacks and virus software to steal more than $ 300 million from banks around the world.

The introduction of systems of two-stage or biometric authentication of users and bank employees helps to eliminate the threats of this group. Such methods significantly complicate the hacker's task, since only owners can gain access to service or client accounts.


A phishing attack is another threat to the security of the banking sector, as a result of the successful implementation of which an attacker obtains the necessary secret data. Phishing is carried out through mass Internet mailing and can affect both bank employees and customers.

For example, an employee receives an email with a valid text and a link to a malicious page. The web page will be an exact copy of the corporate website or internet banking. An inattentive user will enter data that will be saved on the attacker's server.

The only way to avoid phishing is to carefully study all information in incoming emails from subject to signature, watch out for unexpected promotional offers, and always check the address bar before entering any sensitive information in your browser. The address of a phishing site differs from the address of an official resource by only one symbol.

Cloud technologies

Cloud technologies are among the most profitable ways to store any data. Therefore, large banks deploy entire servers in the cloud, where they store corporate information and secret data.

Most public cloud services do not provide users with advanced protection methods, so attackers are more likely to find information leakage channels. The security service faces a difficult task to provide all options for protecting bank information in the cloud.

The cloud essentially protects user data only through authorization. If your account credentials are stolen through a hacker attack or phishing, an attacker will easily not only steal information, but also continue to monitor the emergence of new sensitive information without the knowledge of the account owner. Since the cloud often stores corporate documents, contracts, archives of correspondence, personal data of customers, solving the problem of protecting cloud storage requires maximum concentration from the security service.

To create a comprehensive protection system on work computers, bank employees are recommended to use software to encrypt data before sending it to the cloud. The security administrator should regularly test the operation of protection programs and monitor whether data in the cloud has been deleted, modified or moved.

Internal threats

Threats to the information security of a bank can come not only from outside, but also from employees of a financial institution. The attacker is often played by employees who are unhappy with working conditions and wages or are bribed by competitors.

Insiders' actions can be aimed at stealing corporate secrets or undermining a bank's reputation. The task of the security service, in any case, is to control the activities of employees to prevent internal risks of leakage using a set of protective measures, including:

  • Create access control rules. Ordinary bank employees should not have access to critical information that relates to financial assets, information about shareholders and other secrets of the bank.
  • Install software on all computers of the banking system to monitor user activities. In this case, when the first signs of a leak or attempts to gain access to data appear, the security service will promptly receive a notification and calculate the insider.
  • Implement a video surveillance system. With the help of external surveillance, the security service will always be aware of the actions of the personnel, which increases the likelihood of disclosing attempts at theft, since insiders often try to steal classified data outside of working hours or set up other employees.

* * *

The economic system of any bank requires the development of effective methods of countering data leaks. All the information that the bank operates has material value, so its loss provokes serious financial losses.

Security policy and methods of building a protection system are individual for each bank. Components and methods of protection depend on the number of departments, the specifics of working with clients and the organization of staff activities. However, you should adhere to the basic principles of preventing information security threats and constantly monitor the emergence of new unprotected channels for transferring confidential data.