“Critical Security Gap” Amid Escalating Financial Sector Cybersecurity Threats

by

Estimated reading time: 5 minutes

Digital illustration of a cybercriminal targeting Acme Bank, sitting at a computer with dollar signs in their eyes, slippers on, ski mask on coat rack, and getaway car on jack—symbolizing modern financial sector cybersecurity threats and digital bank heists.

Modern Bank Robberies Have Gone Digital

Retire the getaway car. Save the ski mask for skiing. The days of the bank heist are dwindling. Well, not really. U.S. bank robberies peaked in 1991 at 9,388. By 2023, the number dropped to 1,362, an 83% decline in 20 years. Today, the average stolen haul is about $7,500, barely enough to cover a few months’ rent. But robbing the “bank” is alive and well in the digital age. Why risk a shootout or high-speed chase when you can breach a global bank from a laptop in a café while sipping a latte? Cybercriminals have embraced this new frontier, and financial sector cybersecurity faces a storm of AI-powered phishing, stolen credentials, and cascading supply chain risks.

Cyberattacks Dwarf Traditional Crime

KnowBe4’s Financial Sector Threats Report shows financial institutions suffer up to 300 times more cyberattacks than other industries. Targeted intrusions rose 109% year-over-year, with nearly every major U.S. bank reporting breaches in 2024.

“Adversaries are gaining an advantage against the financial sector,” said James McQuiggan, security awareness advocate at KnowBe4.

Phishing remains the most common gateway. Tests show 44.7% of employees in large banks clicked malicious links or downloaded infected files. Without training, almost half of the workforce could open the door for attackers.

Heat movie poster featuring Al Pacino, Robert De Niro, and Val Kilmer in the 1995 Los Angeles crime drama thriller directed by Michael Mann. Days of heists like those are over aa Financial Sector Cybersecurity Threats rise.
Hopefully, they still make heist flicks.
Notable Recent Breaches
  • Coinbase (2025): Breach exposed sensitive data of 70,000 users. Remediation costs are estimated at up to $400 million.
  • LoanDepot (2024): 16.6 million records compromised, including financial account numbers and Social Security data.
  • Bank Sepah, Iran (2025): Massive breach of 42 million records, including transaction histories.
  • Mr. Cooper (2023): 14.7 million records stolen, causing payment system outages.
See also  Ransomware Attacks Surge 20% in 2024: At-Bay's New Report Warns Mid-Sized Companies
AI Drives New Wave of Digital Deception

Threat actors now exploit AI tools like FraudGPT and ElevenLabs to create convincing phishing lures, malware, and deepfake voices. They have introduced an age in which our most trusted senses can no longer be trusted. Like magicians, they deceive with this “digital sleight of hand.” And we can all be fooled.

Fraudsters use these tools to mimic executives, regulators, or trusted vendors. What once took hours of human effort can now be generated instantly, at scale.

Editorial note: This might be one reason so many financial institutions are pushing the return to office. It’s much harder to fake a person in person.

Instead of locking systems with ransomware, many groups now rely on data exfiltration and multi-layer extortion. Attackers sell stolen information, leak it for pressure, or even threaten physical violence in extreme cases. The Russian-speaking group BianLian, for example, has abandoned encryption entirely in favor of data theft.

“The battle comes down to the human level. Financial institutions must prioritize human risk management to close this critical security gap.”

James McQuiggan, KnowBe4
Credentials Surpass Credit Cards in Value

Dark web forums overflow with stolen logins. Analysts reviewed more than three million posts and found credentials now dominate underground marketplaces. Why? A single compromised password can unlock multiple accounts, from online banking to corporate email.

Unlike credit card numbers, valid credentials let criminals “live off the land,” moving silently within networks and avoiding detection by using trusted apps and built-in tools—the ultimate insider threats.

Deepfakes and Infostealers Rise

The use of infostealers jumped 58% in 2024, with 68% of attacks originating from malicious email attachments. More than 70% of infected devices were personal rather than company-owned, underscoring the risks of “bring your own device” workplaces and, presumably, remote work.

See also  Ransomware Surge in Q4 2024: Attacks Hit Record Highs as Hackers Shift Tactics

Destructive attacks are also climbing. In 2024, 54% of global financial institutions reported attackers erasing or corrupting data to cover tracks or escalate ransom demands.

A Global Surge with the U.S. as Primary Target

The U.S. remains the top target, absorbing 60% of all ransomware attacks on financial institutions. The U.K. and U.S. together account for more than 70% of ransomware activity. But financial sector cybersecurity is a global concern.

Criminals are expanding into South Asia and Latin America, where digital banking adoption is outpacing the growth of security culture. Countries like Brazil, India, and Pakistan are facing increased infostealer campaigns.

One Minute Watch – Mosaic, Incyde Risk, Safe Security Partner to Strengthen Cybersecurity in Financial Sector

Supply Chain Risk Reshaping Insurance

Financial institutions increasingly rely on third-party vendors for payments, compliance, and fraud detection. This dependence creates vulnerabilities across entire ecosystems.

In 2024, 97% of major U.S. banks and 100% of Europe’s top financial firms suffered supplier breaches. Cyber insurers are tracking the fallout. At-Bay, a leading provider, reported financial fraud, often from phishing, remains the top claim. But indirect ransomware via vendors is rising sharply, posing challenges for underwriting and risk management.

A single day of missed payments by major banks could ripple through the system, affecting 38% of connected banks worldwide, according to the New York Fed.

Managing Human Risk

The report stresses that every cyber incident begins with human action: a click, a download, or a credential entered on a fake page. Human error is the leading gateway for attackers.

KnowBe4’s tests show that consistent cybersecurity awareness training can cut phishing risk below 5%. Within a year, organizations of all sizes saw dramatic improvements, highlighting the importance of embedding security awareness in company culture.

See also  Ransomware Crisis Worsens in 2023: Calls for Urgent Action to Ban Payments - Report

Get The Cyber Insurance News Upload Delivered
Every Sunday
Subscribe to our newsletter!

This is not a new idea, any human condition is temporary, perishable. Routine and discipline of routine create lasting results, from personal fitness to corporate cybersecurity.

On improving financial sector cybersecurity, McQuiggan, of KnowBe4, said, “The battle comes down to the human level. Financial institutions must prioritize human risk management to close this critical security gap.”

The Modern Bank Robbery

Physical robberies may be fading, but bad actors will always exist and go where the things worth stealing are kept. Digital bank heists are thriving. Hackers sit oceans away, sipping coffee, while siphoning millions in stolen credentials and financial data. For banks, the frontline battle is no longer in the lobby; it’s in the inbox.

Martin Hinton

Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News and Information. With over three decades of journalism experience across six continents, his work encompasses investigative reporting, documentaries, and coverage of cultural, political, and business news. To learn more about his career, click on his name to visit his LinkedIn page.

banking cybersecurity, finance sector cyber threats, digital bank heists, cyber risk in finance

×