Firms that deal with all kinds of business and consumer monetary transactions are ideal for cyber criminals to go after. As a result, these businesses always need to be on their guard for the latest threats. If industry research is correct, companies in the sector have every reason to expect risks to continue increasing.
Supply chains introduce increasingly interconnected attack surfaces
Financial institutions have complex and interdependent supply chains, and they offer a broad, target-rich attack surface that adversaries can undermine.
Bad actors have been conducting supply chain attacks for years. But supply chain threats to financial services institutions over the past year have mainly involved technology partners including managed service providers and cloud service providers.
Service providers have been hit by ransomware incidents, which has disrupted services for some of their financial firm clients. Cyber criminals have repeatedly used vulnerabilities in third-party environments to impact financial institutions. Among the third parties that can be make financial firms vulnerable are telecommunications providers and power companies.
The Covid-19 pandemic has quickly increased the role the cloud will play in supply chain threats to critical infrastructure, including financial services. Cyber attackers are taking advantage as businesses expand their information security focus from an enterprise infrastructure to a virtual and cloud environment to support remote workforces.
Credential and identity theft continue to accelerate
Theft, compromise, and abuse of credentials and identities continue to be cornerstones for targeted attacks and fraud.
As the pandemic spread, financial institutions quickly adjusted their operations. But cyber criminals also moved rapidly to take advantage of the expanded attack surface presented through largely remote workforces, and new opportunities for fraud from the extensive government funding programs made available through financial institutions.
Incidents of credential-stealing malware increased, including mobile malware capable of stealing customer credentials for financial firms. As most financial services firms’ employees moved to remote work locations, there was a rise in reliance on mobile devices too. Identity theft also continued to grow over the last year, especially as government agencies and financial institutions implemented financial relief programs to help individuals and businesses affected by the pandemic.
Data theft and data manipulation from new vulnerabilities and cyber-criminal behaviour
While bad actors continue to target data, their motivations often go beyond theft to include destruction and disruption of information.
A new wave of cyber-attacks is resulting in data being destroyed or altered. Cyber criminals can exploit vulnerabilities in systems to compromise servers, manipulate data, or even encrypt all of a victim organization’s data through ransomware.
Threat actors realize that taking multi-pronged approaches against businesses help to sustain ransomware as a lucrative long-term approach. The concept of “naming and shaming” ransomware victims, combined with threatening to release stolen data makes the process of responding to ransomware infections more challenging.
Cyber-criminal groups are cooperating with one another, quickly shifting from commodity malware infections to targeted attacks. In some instances, it has only taken hours for crimeware to cause devastating ransomware to enter a network.
Emerging technologies advance cyber threats
As technology continues to advance, cyber security teams and cyber criminals alike are looking for ways to use innovative tools. In particular, bad actors have begun using deepfake to increase the effectiveness of their attacks.
Deepfakes involve the use of artificial intelligence (AI) or machine learning to manipulate or generate visual and audio content with the intent to deceive people. For example, criminals can use AI-based deepfake recording software to impersonate an executive’s voice.
As financial institutions continue to combat business e-mail compromise and account takeover attacks, they will need to monitor how adversaries might be using these deception techniques.
Firms should also explore using technological countermeasures in development to prevent adversarial abuse of this emerging technology.
Destructive and disruptive malware attacks spur multiparty and cross-sector targeting
Threat groups using ransomware are going after multiple related parties at the same time globally. Deploying a proactive defense plan that incorporates multi-party attack simulations with industry and cross-industry peers could help financial services firms be better prepared to face this threat.
The disruptive and destructive impact on financial institutions is a noteworthy recent change in ransomware attacks. As third parties fall victim to targeted malware campaigns, bad actors are likely to have a growing negative impact on the availability of some banking and insurance services—on a global scale.
Financial services firms can be affected indirectly by these attacks through the supply chain. They can address the risk by participating in forums that facilitate cross-sector information sharing.
Misinformation shakes trust in retail and government-backed banks
Misinformation is having an impact on the financial sector. Often, manipulation of trading markets involves elements of disinformation or misinformation directed at influencing unsuspecting investors to aid criminal actors’ objectives. Some groups undertaking these activities have been connected to cyber intrusions.
Bad actors can take advantage of high market volatility, which could further reduce confidence in the economy. Disinformation has affected the financial sector multiple times in the last year.
While there’s no evidence that sophisticated actors are spreading misinformation to support a financial or political agenda, it is plausible. As a result, the financial industry should consider how to address both accidental misinformation and highly sophisticated disinformation campaigns.
BY: Zakir Hussain, Director, BD Software Distribution Pvt. Ltd.