New Report Reveals Troubling Security Gaps At Midmarket Banks
The report data was compiled from penetration tests conducted at 350 regional and community banks across the country.
Banking and the financial industry overall are among the biggest targets for cyberattacks. One report revealed that the financial services industry saw a 177 percent increase in cyber incidents from 2022 to 2023.
Large banks and financial institutions have the means to employ the most sophisticated cybersecurity technologies and hire highly skilled security staff.
Smaller and midsize banks are faring worse, according to a new report from Neovera, an enterprise managed cybersecurity and IT services provider.
Neovera compiled data from penetration tests conducted at 350 regional and community banks across the country that manage assets ranging from $200 million to $45 billion daily. The data is from testing from August 2023 to August 2024.
Here are some key takeaways from Neovera’s report:
- The most critical threat midsize banks face is firmware that contains known vulnerabilities. Five percent of regional and community banks tested have issues with known vulnerabilities, Neovera’s data showed.
- The use of outdated networking protocols including NetBIOS/LLMNR/mDNS enabled posed a high risk as these protocols are vulnerable to exploitation. Nearly 40 percent of midmarket banks tested had outdated networking protocols.
- Blank or default passwords posed another high security risk, with testing finding this issue at 26 percent of the banks tested.
- Twenty-two percent of banks also had weak passwords throughout their networks.
- Neovera’s data showed that 30 percent of midmarket banks did not have SMB signing deployed, which can help protect a network from man-in-the-middle attacks.
- Twenty-three percent of the banks also had the Web Proxy Auto-Discovery (WPAD) protocol enabled. According to Neovera, WPAD should be disabled in an environment as it can be exploited to give hackers part of an organization’s passwords.
“A good example of password issues is something we’ve seen time and time at midmarket banks. They might set a strong password for wireless internet but not realize that there’s also a blank/default password for the actual router itself, which, if not changed, could be an access point for hackers. A lot of times, it comes down to a lack of cybersecurity expertise,” said Scott Weinberg, Neovera founder and CEO.
“Some systems need legacy protocols, like NetBIOS. While these types of protocols are outdated and more susceptible to exploitation, you can’t stop using them if they’re required to keep applications running smoothly. It’s just essential to isolate these systems from the rest of your network.
“If we can find these issues on an initial penetration test, hackers can too.
“At the end of the day banks are major targets for hackers, and no size organization is off limits. Community and regional banks manage millions to billions of dollars in assets every day, which can mean big paydays for ransomware attacks. That’s why these organizations need true awareness of what’s happening with their cybersecurity posture. That includes continuous monitoring, strong vulnerability and patch management programs, data encryption, endpoint protection and more. If you don’t have a team focused on this today, it’s time to connect with a partner who can help,” he added.
Read Neovera’s full report here.