The 10 biggest cyber threats facing the financial services industry

Given the sensitive information it holds, it’s no wonder that the financial services industry continues to be one of the industries most targeted by cybercriminals today. Recent societal and technological changes over the past year have only made matters worse.

The current COVID-19 pandemic has created fertile ground for cyber threats, as industries and individuals have become vulnerable while grappling with remote working practices, mass digital disruption and expanding security perimeters. Criminals, on the other hand, have become more self-confident, going beyond traditional theft and ransoms to disclose sensitive information, discredit reputations and commit fraud. Many of these “next generation” cybercriminals are armed with sophisticated malware that was once beyond their reach but is now more readily available through subscription models and underground forums.

Blueliv’s latest white paper, Follow the money, delves deep into this evolving threat landscape. Supported by intelligence gathered by Blueliv’s Threat Context, the white paper identifies recent attacks, popular cyber threats and the threat actors behind them, and offers the financial services industry advice on how to manage this cyber risk.

Using the results of this white paper, this blog will describe some of the biggest threats facing the financial services industry today.

1. Phishing

Phishing is a flagship technique used by cybercriminals to steal identifying information and Personally Identifiable Information (PII) and remains one of the most effective attack vectors. It is typically used in conjunction with social engineering techniques to extract information from victims and trick them into believing that the email they received is legitimate (often from a bank or government agency) and that they must act. This action often sees the victim clicking on a link or attachment containing malware that allows the attacker to gain access to their systems.

2. Business Email Compromise (BEC)

BEC attacks allow malicious actors to access a work email account and impersonate the owner in order to defraud the target business and its employees, customers or partners. By doing so, attackers can gain access to sensitive data through corporate systems and networks. BEC attacks target financial institutions because of the valuable information available if the attackers are successful. Once inside, these attackers focus on tricking other employees into transferring money to criminal bank accounts or disclosing access information that would allow the attackers to do so on their own.

3. Ransomware

Ransomware is a type of malware that encrypts a victim’s files and holds them until the victim agrees to pay a ransom. Ransomware attacks have exploded in popularity and sophistication over the past two years. Typically, attackers demand that their victims pay the ransom within a specific time frame, or else they disclose the encrypted information publicly. If the victim pays, the attacker can offer a way for the victim to regain access to the system or data. These attacks are historically opportunistic, although they are becoming increasingly targeted.

Successful ransomware attacks typically begin with an attacker accessing a device through a spam email attachment disguised as coming from someone the recipient trusts. Once clicked and downloaded, the file gives the criminal access to the machine.

4. Identity theft

Using a single stolen ID, criminals can gain access to a company’s systems or networks to launch a more comprehensive attack, move money into money laundering and insurance scams, and even spread malicious links among other employees. Identity theft is a universal problem that affects all modern industries and costs the global economy millions of dollars each year.

5. Malware infection

Malware infections use malicious email to launch various types of attack campaigns, from credential theft to Trojans and more. According to data from Blueliv, described in its latest white paper on the financial services threat landscape, the top five malware stealers used for credential theft explicitly targeting the financial services industry in October 2021 are Azorult, Arkei, Redline, Raccoonstealer and Collector.

6. Banking Trojans

Banking Trojans are computer programs designed to steal information stored or processed through online banking systems. They typically rely on capturing data entered into forms, injecting code and specific theft modules dropped onto the infected machine. These add-ons can force legitimate software to trick users into installing them. From there, they search for and extract sensitive data that criminals can monetize.

7. Point of sale (POS) malware

All digital consumer purchases at a retailer are handled by point-of-sale systems made up of hardware (for example, the terminal used to read the customer’s card) and software that tells the hardware what to do with the information it receives. Malware designed to infect these systems has grown in popularity in recent years and has allowed criminals to extract card data which can then be used or resold, resulting in financial gain for the attacker. A combination of hard-to-detect malware and data exfiltration, hard-to-patch legacy hardware, and general operating system vulnerabilities means it can be difficult to defend against this particular threat.

8. Malware for mobile applications

While they provide a high level of security, the reality is that many banking apps – just like other civilian apps – have common flaws and vulnerabilities that criminals can exploit to extract sensitive data. Mobile banking Trojans, in particular, are “one of the fastest growing, most flexible and dangerous types of malware” and have features that include credential theft as well as theft of funds from mobile users’ bank accounts. Recent research shows a 129% year-over-year increase in malicious actors targeting smartphones since 2019 due to the increased use of mobile banking apps.

9. Distributed Denial of Service (DDoS) attacks

This attack sees cybercriminals crash a target website by flooding it with traffic. Attackers use multiple compromised computer systems as sources for attack traffic, including computers and other devices connected to the network. Recently, thanks to DDoS-for-hire sites, out-of-the-box toolkits have become available to attackers who otherwise would not have had access to such an attack vector.

DDoS attacks disrupt the operation of the business, damage traffic and databases, and can result in substantial financial loss for the victim. These attacks pose a significant risk to financial services institutions, as revenues will likely be disrupted as a result of an attack, not to mention the costs of remediation and even indemnifying customers.

10. Cryptojacking

Cryptocurrency has grown incredibly popular over the past year or so. The market moves millions of dollars every day with almost no regulations in place, making it the perfect target for threat actors. Cryptocurrencies are by design private and anonymous, making it difficult for victims to protect themselves or their finances in the face of an attack. All an attacker needs to do is access a target’s device via a cleverly disguised phishing email. From there, they can generate and transfer cryptocurrency to their personal accounts.

How can the financial services industry manage their cyber risk?

While financial institutions typically invest more in security than other industries, they cannot invest the time or money to implement every security solution or build a team of security experts who are qualified enough to protect their business data against the many threats they face. Even the world’s largest banks, investment funds and financial services organizations are unable to fill all the gaps in their security infrastructure. This is where threat intelligence comes in.

True threat intelligence gives organizations real-time insight into threats lurking outside their perimeter, actionable insights into infected devices to prevent fraud, and the ability to detect leaked, stolen and sold user credentials in real time. With this, organizations can act on the basis of recent and reliable information to mitigate or completely avoid the threats described in this blog and can focus their often limited resources on the most critical threats targeting their networks and infrastructure. Simply put, threat intelligence enables security teams to act more effectively in the face of cyber threats.

To learn about the additional threats facing the financial services industry, including ATM malware, pharming, digital card skimming and more, the threat actors behind them, and how banks and financial organizations can manage their cyber risk, read our latest white paper.

The post The 10 biggest cyber threats facing the financial services industry appeared first on Blueliv.

*** This is a Syndicated Security Bloggers Network blog by Blueliv written by Roman Tauler. Read the original post on:

Stephen V. Lee