What are the main cyberattacks suffered by the financial sector

What are the main cyberattacks suffered by the financial sector

cybercrime organized, ransomware and destructive attacks. These are some of the cybersecurity difficulties faced by financial institutions According to the latest report from Modern Bank Heists (Modern bank attacks). The report draws from testimonials from 130 financial security leaders and chief information security officers (CISOs) from around the world.

destructive attacks

According to this report, 63% of financial institutions experienced an increase in destructive attacks this year, which is 17% more than last year. It isThese types of attacks aim to destroy, damage, or degrade victim systems through measures such as the encryption of files, the destruction of hard drives, the interruption of connections or the execution of malicious codes.

“Recently we have witnessed destructive malware like HermeticWiper being released after Russia’s invasion of Ukraine. Remarkably, most of the financial leaders I spoke with when conducting this report indicated that Russia represents the greatest concern for their institution,” said Tom Kellermann, author of the report and head of Cybersecurity Strategy at VMWare.

Ransomware and remote access tools

It is known as ransomware to software that hijacks and encrypts information with the aim of then demanding a ransom from the victim to grant them access to that encrypted data again. 74% of financial security leaders suffered one or more ransomware attacks in the last year, and 63% of these victims paid the ransom, which is always discouraged because it encourages the growth of this type of crime.

It should be noted that this type of attack grew hand in hand with the distribution of kits with this type of malware, ready to use, which is marketed on the dark internet.

Not only was the use of ransomware widespread, but also of remote access tools (RATS) that help cybercriminals to control the affected systems. These tools allow attackers to continue in the environment and establish a test service to do other attacks.

“Once the adversary gains this limited access, they often work to monetize it. To do this, it uses the victim’s data in order to extort money (including double and triple extortion) or steal resources from cloud services using cryptojacking attacks”, highlights the specialist.

Cryptojacking is a type of cybercrime that consists of using, without permission, the capacity or power of computers to mine cryptocurrencies.

Market information

Confidential information is key to the market and criminals know it. Do out of every three leaders interviewed said they had suffered attacks aimed at learning about market strategies, and one in four indicated that market data was the main target of cyberattacks on their financial institutions.

Cybercriminals are looking for this type of information that can affect the price of shares. In addition, that information can be used to make an advantageous investment in the market.

How to take care of these threats

The first point is to become aware of the risks that exist and then plan strategies to enhance security in companies. According to the report, most financial institutions plan to increase their security budget by 20-30% this year, as well as designate extended detection and response as their top security investment priority.

It is essential that financial institutions play a proactive role in prevention. The report revealed that 51% of financial institutions now conduct weekly threat chases; Ideally, this number should increase, as specialists recommend.

Finally, the members and employees of these institutions must receive permanent training in cybersecurity so that they are alert and do not fall into phishing traps or other types of traps that could open a gateway for cybercriminals.