A new report released by Hush, the cyberprivacy platform that reduces social engineering and phishing risks for companies and all levels of their employees, has found that the largest 100 banks in the U.S. are at major risk for cyberattacks.
The report, which was released at the Black Hat USA cybersecurity conference, analyzed billions of data points to uncover the most prevalent cybersecurity attack route: employees. The analysis found that the average bank has 662,000 employee reconnaissance data vulnerabilities, and each employee averages 50 reconnaissance vulnerabilities. This puts both the employees and their banks at enhanced risk for being compromised by social engineering and phishing attacks.
The report also found that the 10 largest banks represent 65% of all vulnerabilities with a combined total of 44 million. This means that a small number of banks are responsible for the majority of the risk.
Smaller banks outperformed the top 20 largest banks in median vulnerabilities per employee. This suggests that smaller banks may be taking more proactive steps to protect their employees from cyberattacks.
“It will always be easier to hack a human than a computer,” said Mykolas Rambus, CEO of Hush. “The sheer volume of employee data exposed at the largest banks highlights the importance of anti-reconnaissance as part of a threat management strategy, especially against hacker AI. Regulators, Board of Directors, and Companies are realizing how dangerous these mountains of data can be when trying to protect against reconnaissance-fueled social engineering and phishing attacks.”
The report also provides recommendations for how banks can reduce their risk of cyberattacks. These recommendations include:
- Implementing a comprehensive anti-reconnaissance program
- Educating employees on social engineering and phishing risks
- Making it easy for employees to reduce their targetable footprint online
https://wordpress.com/plugins/socialengineeringnews.wpcomstaging.com?s=press+this