sb-nz logo
Story image

Digital heists: Attacks on financial institutions rise 238% in 3 months

It’s common knowledge now that COVID-19 has provided cyber attackers with ample opportunity to ramp up their operations as the world engages online more than any other time in history. 

But only now are official reports emerging describing the scale of the worldwide bump in attacks – and one of the hardest industries is, understandably, the financial sector.

Attacks targeting the financial sector at large have swelled by 238% in the months from February through to the end of April this year, while 80% of surveyed financial institutions reported an increase in cyber attacks over the last 12 months, according to a report released today from VMware Carbon Black.

A further 82% of surveyed institutions reported a rise in the sophistication of attacks – which can be attributed to attackers leveraging highly advanced social engineering tactics and advanced strategies for hiding malicious activity.

64% of financial institutions also reported increased attempts at wire fraud transfer, 17% increase year-on-year.

Wire fraud attacks are usually achieved either through exploiting business process gaps in the transfer process or via social engineering attacks which target consumers directly.

The increase in these tactics may have been born from the fact that attackers are increasingly appreciating the value of commandeering the digital transformation efforts of an institution.

“This year, while virtually all sectors of the global economy fell victim to cybercrime of one kind or another, no sector was more regularly targeted than the financial sector,” says US Secret Service Cyber Investigations Advisory Board (CIAB) executive director Jonah Force Hill. 

“At an alarming rate, transnational organised crime groups are leveraging specialist providers of cybercrime tools and services to conduct a wide range of crimes against financial institutions, including ransomware campaigns, distributed denial of service (DDoS) attacks and business email compromise (BEC) scams. 

“Criminals are increasingly sharing resources and information and reinvesting their illicit profits into the development of new, even more destructive capabilities,” says Hill.

“The growing availability of ready-made malware is creating opportunities for even inexperienced criminal actors to launch their own operations.”

In its attempt to decipher wider attack behaviour, rather than solely focusing on specific types of malware, VMware Carbon Black consulted MITRE ATT@CK.

"Adversaries may attempt to get information about running processes on a system," MITRE said in its report.

“Information obtained could be used to gain an understanding of common software running on systems within the network. 

“Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviours, including whether or not the adversary fully infects the target and/or attempts specific actions.” 

This reflects the drastic increase in attacker knowledge of the policies and processes of financial institutions – blind spots have been largely identified and incident response (IR) strategies have been analysed to better find loopholes and overcome them.

According to VMware, this advantage gives attackers greater opportunities to manipulate their positions within networks simply because of the noise created by IR, as well as a lack of security controls integration.

“When combined with a steady commercial growth of mobile devices, cloud-based data storage and services, and digital payment systems, cybercriminals today have an ever-expanding host of attack vectors to exploit,” says Hill.

“Every organisation—providers of financial services, in particular—must remain vigilant in the face of these evolving threats. 

“It is critical that organisations maintain a continuous dialogue with law enforcement to ensure a rapid response in the event of an incident.”

Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
Fortinet: Hyperscaling networks? Hyperscale your security!
Jon McGettigan, Fortinet A/NZ Regional Director, explains why a broad, integrated and automated security fabric is the most effective strategy to protect users, apps and data in a hyperscaling environment.More
Story image
IT leaders prioritising automation, Zero Trust and API-based security investments
"The study shows that a cocktail of multiplying threats, the proliferation of hybrid and cloud architectures, blended with a pandemic-fuelled explosion in distributed and remote work has created a perfect storm for network security teams."More
Story image
Over half of ransomware victims pay up - but does it work?
"Handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice."More
Story image
Tesserent to acquire Secure Logic's managed security services business
Secure Logic delivered an audited turnover of $9 million in FY 2020 and a $4.2 million EBITDA, with reportedly ‘strong’ earnings going into FY 2021.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More