COVID-19, the Financial Sector and Cybersecurity: Mitigating Risk

The COVID-19 pandemic is a global stress event that is testing all businesses’ financial, operational, and commercial resilience. It has ignited a proliferation of attempts to damage, disrupt, or gain unauthorized access to the computer systems of banks and other financial institutions. From February to April 2020, amid the COVID-19 surge, cyberattacks against the financial sector increased by 238%, according to VMware Carbon Black data. Against this backdrop, the financial services sector is having to adapt rapidly and at scale to current constraints and market conditions. 

Fraud

The financial services industry is at risk from heightened levels of fraud, including cyber fraud, as criminals attempt to exploit the COVID-19 pandemic.

Following emergency measures put in place earlier in the year, there have been significant numbers of applications from both individuals and businesses to access support schemes. Many of these claims were made fraudulently but processed rapidly, with less stringent controls than usual. If approved, funds may be transferred rapidly, and with the whole system under stress, recovering funds lost to fraud may be a relatively low priority.

Guidance for consumers on COVID-19-related scams has noted that scams may take many forms (they could relate to insurance policies, pension transfers, or high-return investment opportunities, including investments in crypto-assets) and that scammers are sophisticated, opportunistic, persistent and very likely to target the vulnerable.

The risk of internal fraud will potentially increase due to remote working and associated reduced oversight and challenge.

Cyber resilience measures

Cybersecurity experts and voluntary groups such as the COVID-19 CTI League are mobilizing globally to provide threat intelligence and combat these attacks. More than ever, firms will need to shore up their cyber defences and educate employees, at all levels, about the emerging risks.

In response to current and emerging cyber threats, Interpol has released international guidelines to curb illegal activities arising in the context of the COVID-19 crisis. National agencies responsible for cybersecurity have given guidance and advice. For instance, the joint statement by the UK and US cybersecurity agencies includes a list of practical indicators that systems have been compromised and encourages individuals and organizations to review their guidance on home working, mitigating malware and ransomware attacks, enterprise virtual private network (VPN) security and risk management, among other topics, to ensure that COVID-19-related challenges are addressed. 

Financial authorities are generally tackling cybersecurity risks as part of their efforts to ensure the continuity of critical financial services, including through requirements to bolster firms’ operational resilience or business continuity.

Data and security

Alongside the cybersecurity issues referenced above, employees are now potentially working with sensitive data in less secure home-based environments. The balance between locking data down securely behind a corporate firewall and making it more open and readily accessible to employees and business partners is having to shift to support new ways of working and keep existing business processes and operations moving.

We have already seen examples of firms that did not have significant remote working capabilities having to invest quickly in acquiring and implementing technology. Inevitably such rapid roll-outs are likely to be less robust than infrastructure changes planned and tested over a longer period. Regulations such as GDPR still apply, so Risk and Compliance heads will need to re-evaluate the associated risks accordingly and potentially deploy alternative mitigation measures.

Monitoring Remote Sessions

With more employees working from home, companies are seeking ways of monitoring remote sessions. One compelling case can be made for recording remote sessions for later playback and review: employers are concerned that, in the event of a security breach, they won’t be able to see what was happening on users’ desktops when the breach occurred. Another reason for recording remote sessions is to maintain compliance, as required for medical and financial institutions, or to support auditing of business protocols.

TSFactory’s RecordTS v5 will record Windows remote sessions reliably and securely for RDS, Citrix and VMware systems. Scalable from small offices with one server to enterprise networks with tens of thousands of desktops and servers, RecordTS integrates seamlessly with the native environment.
