
I Executive summary

This publication, the “Cyber Threat Landscape Report of the Hungarian Financial Sector 2022”, published by the Central Bank of Hungary (hereinafter: CBH), provides a comprehensive view of the key cybersecurity threats affecting the Hungarian financial sector, the main trends observed in relation to these threats and a high-level overview of the incidents experienced in the Hungarian financial sector.

This publication was produced with the support and funding of the Technical Assistance Instrument 2021 programme of the European Commission’s (hereinafter: Commission) Directorate-General for Structural Reform Support (DG REFORM). Following the Commission’s decision, the Hungarian office of Ernst & Young Consulting Ltd. assisted the CBH in the implementation of the project.

The project started in September 2021, with a survey of the national incident reporting obligations in the financial sector and an international outlook. Taking these into account, a methodology for reporting incidents has been developed and a six-month Pilot Project involving 39 institutions (including 12 insurance undertakings, 5 banks, 10 funds) was carried out between 1 February and 31 July 2022 to collect and analyse detailed incident data – supplemented by some additional data – on which the report is based.

After an introduction to the project as a whole, the report is divided into four main parts: a general overview (international and domestic, including other sectors); a description of the threat trends identified from all incidents and, in particular, from critical incident data; an analysis of the technical data on the potential attack surfaces visible from the Internet and the externally accessible security settings of the institutions participating in the project; and finally a methodological overview of the tools and approaches used during the pilot.

The key conclusions of the report can be summarised as follows:

• international trends also appear in Hungary with a slight delay (a few months); the risks and threats are virtually identical, so it is worth paying particular attention to European events and basing domestic defence priorities on them,

• the vast majority of the incidents collected within the pilot (70%) were traditional malfunctions, so prevention and timely response are currently a more efficient way to maintain cyber security than defensive measures focused on cyber-attacks,

• evidence from multiple sources suggests that during the summer months, especially during periods when there are fewer changes/upgrades to IT systems, there are significantly fewer incidents affecting the operation of systems, therefore more careful change management may play an important role in preventing malfunctions,

• actual cyber-attacks – typically various forms of phishing – primarily target customers, so in addition to technical control measures, it is important to raise customer security awareness while defending against attacks and preventing damage,

• during the pilot, the CBH received far more detailed and significantly better quality incident data than under the mandatory supervisory reporting and the institutions participating in the project themselves gave positive feedback on the reporting process,

• there is no detectable correlation between the incidents collected during the pilot and the externally accessible Internet security settings of the institutions.

The publication of the Cyber Threat Landscape Report of the Hungarian Financial Sector 2022 is not the end of the project: the methodological work will continue, and it is foreseen that, after the refinement of the incident reporting procedures, the CBH will regularly produce a similar analysis every year based on the available data.
