BLOG: Cybersecurity Weaknesses In The Financial Industry

The financial sector remains at the sharp edge of the threat landscape, cybercriminals and threat actors are growing in sophistication and in numbers. Their strategies and their targeting have become more strategic, with the continuous focus on profitability. Typically, this industry is targeted by nation-state threat actors or state-sponsored. Threat actors are one of the most serious threats when it pertains to the financial sector, this is due to the sensitive nature of the data this sector possess.

2021 proved to be a difficult year for the financial sector and financial firms. The banking industry saw a 1318% increase in ransomware attacks. and recent trends show that the finance sector continues to have higher rates of confirmed social engineering incidents than most other sectors, especially phishing. Attacks against the financial sector increased 238% globally from the beginning of February 2020 to the end of April, with 80% of financial institutions reporting an increase in cyberattacks, according to cyber security professionals.

Financial services companies continue to be heavily targeted and typically feature in the top five sectors for severity and frequency of cyber-attacks, due to the delicate and intricate data this sector keeps regarding individuals, businesses, and governments. Most criminals target financial firms simply because that’s where a lot of revenue and income comes from.

Despite major efforts to protect themselves against ever-more-numerous and sophisticated attacks, businesses in this sector need to keep their guard up. To effectively deal with the risks faced by the financial sector, it is recommended to adopt a global and innovative approach. Orpheus’ advanced analytical techniques, including Machine Learning, combined with our highly skilled analysts, enable us to provide predictive and actionable intelligence to our clients. Our Cyber Risk Rating platform shows which vulnerabilities are visible on your attack surface, and that of your third parties.

Cybersecurity is a top priority in the financial industry as it seeks to ensure the security of its assets as well as the efficient and reliable execution of its business. Business leaders in the financial sector need to be more aware of the various cyber threats they face. In short, financial organisations need to be proactive in protecting their customers, their data, their networks, and their operations against cybercrime. Cybersecurity defences and protocols is an existential issue for financial institutions, which is why they invest heavily in cyber security. J P Morgan spends 600 Chase spends nearly $600 million (£442,761,000.00) each year to strengthen its cyber defences.

Carbanak/FIN 7 and Cobalt are examples of threat actor groups directing malware campaigns at financial institutions. These threat actors targeted over 100 financial institutions in more than 40 countries over the course of five years and stole over 1 billion dollars. The rise of cryptocurrencies like Bitcoin is making it easier for cybercriminals to carry out successful ransomware attacks, especially as these currencies provide anonymity for these groups. Ransomware attacks continue to increase in frequency and severity, and larger ransom demands. Cybersecurity professionals found that ransomware attacks were up 9x between February and the end of April 2020.

Carbanak/Fin 7 is a threat actor mentioned in our latest ‘Guide to Threat Actors’ whitepaper, Carbanak is an APT-style campaign targeting financial institutions that were discovered in 2014. It has been estimated by the Economic and Financial Agency’s that the group stole between $800 million and $1 billion from banks worldwide, predominantly in Russia, Japan, the US and across Europe. The malware used had discreetly installed a remote administration tool, used to access employees’ passwords. Cybercriminals have been developing other similar techniques to target financial institutions specifically.

If criminals can get access to critical systems or sensitive data they will look to monetise the attack through extortion. In 2020 the retail and banking industries experienced a large upsurge of attacks at certain times during COVID, most likely due to increased online traffic volumes.

A 2020 report on DDoS attacks conducted by cybersecurity professionals during the time of COVID-19 shows that DDoS attacks have increased by 30% in the financial sector between 2019 and 2020. Overall, the COVID-19 pandemic and remote work drove a significant increase in DDoS attacks on financial services in 2020 and this appears to be a trend that is set to continue throughout 2021 until 2022.

Cyber espionage is on the rise and financial services have been hit hard in recent years. These types of attacks can be carried out by competitors, or a foreign state interested in financial data. The financial sector has been highly affected by APTs and banks are particularly targeted. These sophisticated and stealthy threats combine advanced intrusion and spoofing techniques to allow hackers to gain access to account-management applications for example.

A 2016 study found that 60% of cyberattacks in the financial sector come from inside the company. Insider threats in the financial industry are masked behind a sad reality. Financial firms and financial services were in the top three sectors targeted by insider attacks.

The reasons for this can fluctuate between a range of factors, such as dissatisfied employees to poorly compensated bank tellers, 75% of those internal attacks were intentional. These employees can put organisations in jeopardy by offering up key credentials to a threat actor or declining to review cyber security concerns. This makes the employee one of the top cybersecurity threats to financial services. The remaining 25% of internal attacks are due to human error. Phishing scams and malware downloads can work on even the most loyal and hard-working employee.

Orpheus Cyber’s platform provides organisations with the knowledge needed to prevent cyber risks before they occur. To request a demo and get your cyber risk rating today, click here.