UPTEC startup reveals critical cybersecurity flaws in British FinTechs

UK FinTechs are exposed to serious cybersecurity risks. The new report by Ethiack, a cybersecurity startup incubated at UPTEC – Science and Technology Park of the University of Porto, analysed almost 800 FinTech companies in the UK and identified more than 56,000 exposed digital assets, including websites, servers and cloud services. From outdated SSL certificates to details of exposed server versions, the findings reveal the level of vulnerability of even the most innovative players.

The study, released in May, shows that many of these companies do not properly protect their online systems. Some 19.5% of websites and services use outdated or poorly configured security certificates, which can allow hackers to intercept sensitive data. In addition, 43% of companies leave visible technical information about the software and versions they use, making it easier for attackers looking for known flaws. According to Ethiack, these flaws show that many FinTechs still don’t effectively monitor their digital systems, increasing the risk of attacks such as phishing, ransomware and DDoS, which are increasingly common in the sector. A cyber-attack can be costly: in the UK, a security breach costs an average of £3.58 million, a figure that rises to over £5 million in the financial sector.

The analysis was carried out using Ethiack’s own technology, which simulates the point of view of a real hacker. The tool doesn’t hack into companies’ systems but collects public data to assess the level of digital exposure. This gives a true picture of the vulnerabilities that any cybercriminal can easily discover. Faced with this reality, Ethiack argues that companies should invest not only in preventative measures, but also in solutions that allow them to quickly detect threats and respond to them.

The full report, which details Ethiack’s main conclusions and recommendations, is available at: https://lp.ethiack.com/report-uk-fintech.