As many people shifted to virtual offices over the past year as a result of the pandemic, traditional crime groups similarly moved online and found their way to the dark web – a digital underground that allows cybercriminals to remain anonymous. These groups molded to the digital sphere and teamed up with powerful cyber cartels whose attacks – many of which targeted financial institutions – were becoming more destructive and sophisticated than ever before.
In fact, attacks against the financial sector more than tripled between February and April 2020. The new goal of attackers? Hijack a financial institution’s digital infrastructure and leverage that against its constituents.
To provide a snapshot of the attack methods cybercriminals have been using, I recently surveyed 126 security leaders at financial institutions around the world. With a staggering 118% increase in destructive attacks on financial institutions, it’s imperative for financial CISOs to understand the ways in which cybercrime is evolving in order to protect their organizations.
Here’s what I found – and what other financial institutions can learn from it.
From heist to hostage
Say goodbye to the days of the traditional bank heist and say hello to a new era of digital financial hostages. 38% of financial institutions experienced an increase in island hopping and this is excluding SolarWinds. Cybercrime cartels understand the interdependencies of the financial sector and recognize that they can hijack the digital transformation of a bank to attack their customers. They use brand trust (oftentimes trust that’s been built up over hundreds of years) against the bank’s constituents by commandeering its assets. This does not only impact their bottom line, but also their customers.
Modern day market manipulation
Cybercriminals are turning to nonpublic marketing information in an effort to digitize insider trading and front-run the market in what amounts to economic espionage. 51% of financial institutions are experiencing attacks targeting market strategies, and 41% saw an increase in brokerage-account takeovers. We’re seeing cybercriminals try to get their hands on any kind of intelligence that drastically improves the accuracy of their financial bets.
The new digital bank robbery
Wire transfer fraud is becoming an increasingly popular attack strategy, with more than half of financial institutions – 57% to be exact – seeing an increase. Whether through man-in-the-middle (MiTM) attacks, malicious insiders or phishing, attackers are committing fraud through wire transfers because it’s hard to follow the money trail once complete and they get to cash in at the end.
The bottom line of my findings? Cyberattacks on the financial industry are not only increasing at staggering rates, but they are becoming more destructive and sophisticated than ever before.
So, what does this mean for financial organizations? To start, security teams should take the following steps:
- Conduct weekly threat hunting and normalize it as a best practice to fuel threat intelligence.
- Integrate your network detection and response with your end-point protection platforms – this is critical to protect the remote workforce outside of the physical office.
- Apply “Just in time” administration.
- Deploy workload security to ensure your employees are protected no matter where the data lives.
At an industry-wide level, we must empower the right people to fight back against these sophisticated threat actors. Let 2021 be the year that CISOs are given greater authority and resources. As it currently stands, a staggering three in four CISOs in the financial industry still report to the CIO. Safety and soundness will only be maintained by empowering the CISO and giving them a direct line of access to the CEO to ensure the necessary security strategies are in place. Trust and confidence in the financial sector depend on it.