The financial services industry is one of the most targeted sectors when it comes to cyberattacks and breaches. The potential losses from cyberattacks could reach a few hundred billion dollars a year, eroding bank profits and potentially threatening financial stability. However, the risk goes beyond sophisticated APTs and cybercriminal operations. A vulnerability that is often overlooked and easily exploited is hardcoded credentials. This type of vulnerability is present in around 13% of all source code repositories on GitHub and other sites, with thousands of new secrets leaking every day.
Recent research has identified over six million secrets published to GitHub in 2021 alone, as well as thousands of mobile apps exposing secrets such as AWS tokens, which enable access to private cloud services. Even large companies like Uber have been compromised due to hardcoded credentials, with data belonging to millions of customers and drivers exposed.
To protect against hardcoded credentials, companies should allocate resources to sophisticated defense systems such as XDR, SOCs and AI tools. They should also monitor source code repositories for secrets and use a cybersecurity vendor to identify and address any issues.
• Financial services industry is most targeted sector for cyberattacks
• Hardcoded credentials are a vulnerability that is often overlooked and easily exploited
• Over six million secrets published to GitHub in 2021 alone
• Companies should allocate resources to sophisticated defense systems and monitor source code repositories