Data Breach Scenario: Malicious Software – Financial Services Firms
John Iacono • November 13, 2018


According to research from the Verizon RISK Team, few breaches are unique, meaning the vast majority of incidents are caused by a small number of scenarios. Verizon classifies 18 different data breach scenarios into four groups: the human element, conduit devices, configuration exploitation, and malicious software. For the purposes of this article, we will focus on the malicious software that makes institutions vulnerable.

Verizon’s 2018 Data Breach Investigations Report states that over 75% of confirmed data breaches were financially motivated. It also reports that ransomware is the top variety of malicious software, found in 39% of cases.

The lesson here is that malware is a big contributor to the breach landscape and it is rare that malware acts alone. These malicious software attacks can generally be defined as one of the four categories listed below.

1. Ransomware

Ransomware is a form of malware that uses encryption to lock institutions out of their files. The attacker holds the data hostage until the user agrees to pay a ransom to regain access to it. This type of attack increased by 36 percent in 2017, introducing 100 new malware types.

Ransomware is on the rise, and small businesses are especially vulnerable. One common ransomware is CryptoLocker, a Trojan that targets computers that run Microsoft Windows. The malware encrypts data and displays a message that the data will be decrypted once a ransom in Bitcoin is paid by a set deadline. Victims of ransomware have mainly included universities and the healthcare industry, though SMBs have been targeted as well.

2. Sophisticated Malware

Sophisticated malware attacks include custom-written viruses designed to disable a system’s security and its anti-virus measures. As suggested in its name, the attacks are highly advanced and often targeted towards specific institutions with well-established IT security implementations in place. While breach detection time dropped significantly to 146 days in 2015 from 416 days in 2012, some malware can still go undiscovered for years.

One of the more sophisticated malware attacks occurred in February 2015 when the Society for Worldwide Interbank Financial Telecommunication (SWIFT) reported a cyber-heist where hackers successfully withdrew $81 million from a bank in Bangladesh. According to SWIFT, hackers obtained user credentials and submitted fraudulent SWIFT messages that corresponded with authorized money transfers.

In this instance, a malware known as Trojan PDF Reader was used to manipulate PDF reports and avoid detection.

3. RAM Scraping

RAM-scraping malware is designed to extract data from physical memory and typically targets point-of-sale (POS) systems. It targets the POS terminal during the brief vulnerable period when a transaction is taking place.

The now-infamous Target breach in 2013 is a prime example of hackers utilizing RAM scraping to steal the card information of more than 110 million Target customers. The attack went on for nearly two weeks before it was detected.

4. Credential Theft

When credentials are stolen, it is difficult to detect a malicious “known user.” Using spyware/keyloggers, stolen credentials, phishing, backdoors and password dumpers, these attacks allow threat actors to pose as a known user and gain carte blanche access to the network for months (if not longer), placing a great amount of data at risk. To prevent credential theft, Verizon recommends a strong password policy, two-factor authentication, patching vulnerabilities immediately, reviewing network logs, and addressing SQL injection issues.
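
Part of the log review recommended above can be automated. The following is an added example, not code from the original article or from Verizon: it learns which source addresses each account normally logs in from, then flags successful logins from a new source, with a stronger reason when they follow repeated failures. The log format, function names, thresholds and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (timestamp, user, source IP, outcome); not real data.
SAMPLE_LOG = """\
2018-11-01T09:02:11 jsmith 10.0.4.21 SUCCESS
2018-11-02T08:57:40 jsmith 10.0.4.21 SUCCESS
2018-11-02T09:10:05 mlee 10.0.4.37 SUCCESS
2018-11-05T09:01:12 mlee 10.0.4.37 FAIL
2018-11-05T09:01:30 mlee 10.0.4.37 SUCCESS
2018-11-06T02:14:01 jsmith 203.0.113.50 FAIL
2018-11-06T02:14:09 jsmith 203.0.113.50 FAIL
2018-11-06T02:14:20 jsmith 203.0.113.50 FAIL
2018-11-06T02:14:31 jsmith 203.0.113.50 SUCCESS
2018-11-06T09:00:02 jsmith 10.0.4.21 SUCCESS
2018-11-07T23:40:00 mlee 198.51.100.7 SUCCESS
"""

def parse(text):
    """Yield (timestamp, user, source, outcome) from the assumed log format."""
    for line in text.splitlines():
        ts, user, src, outcome = line.split()
        yield datetime.fromisoformat(ts), user, src, outcome

def review_logins(text, baseline_end, fail_threshold=3,
                  window=timedelta(minutes=10)):
    """Flag successful logins from a source the user never used in the baseline."""
    known = defaultdict(set)      # user -> sources seen during the baseline
    failures = defaultdict(list)  # (user, source) -> failure timestamps
    alerts = []
    for ts, user, src, outcome in parse(text):
        if outcome == "FAIL":
            failures[(user, src)].append(ts)
            continue
        if ts < baseline_end:
            known[user].add(src)  # learn the account's normal sources
            continue
        if src in known[user]:
            continue              # a "known user" on a known source
        recent = [f for f in failures[(user, src)] if ts - f <= window]
        guessed = len(recent) >= fail_threshold
        reason = "new source after failed attempts" if guessed else "new source"
        alerts.append((user, src, reason))
    return alerts

if __name__ == "__main__":
    for alert in review_logins(SAMPLE_LOG, datetime(2018, 11, 5)):
        print(alert)
```

A login with valid stolen credentials produces no failures at all, which is why the plain "new source" alert matters as much as the one preceded by password guessing.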

Malware Protection from Your MSP

Eternal vigilance, quick identification, and the right protections are key to avoiding major damage from a malicious software attack. Fairdinkum employs a combination of cutting-edge techniques to ensure your infrastructure is safe, up-to-date, scalable and compliant, keeping your company in good standing.

Download our Financial Services Cyber Security Audit Checklist to check your cyber security.
