A new study from F-Secure released Thursday found that ransomware has become the No. 1 threat for financial services organizations.
According to the study, this was based on the perceived impact a ransomware attack could have on the resiliency of an organization, resulting in considerable financial, operational and reputational loss.
Financial organizations are also increasingly concerned about supply chain threats from nation-state actors, the lack of monitoring and detection capabilities in the cloud, and challenges managing vulnerabilities with the backdrop of increased threats from state-based and cybercriminal actors.
The study also found that financial services technologies such as SWIFT, Open Banking and ATMs present an ongoing risk to financial organizations as offensive techniques evolve. Cryptocurrency-related attacks have increased and securing digital currency infrastructure was also identified as an important trend as central banks increase their cryptocurrency holdings and roll out their own digital currencies. The study said financial organizations will spend a lot of time in the future securing cryptocurrency technologies.
Ransomware attacks have increased at an alarming rate over the past year, so it’s no wonder financial institutions have keyed in on this issue, said Scott Devens, CEO at Untangle. Devens said as organizations continue to pay ransoms, cybercriminals are becoming more encouraged and turning their attention to ransomware attacks as a lucrative opportunity — and banks and other financial institutions are beginning to understand the threat.
“This is leading financial companies to reevaluate their IT security teams to add specific skills, such as mobile device management, digital forensics, and malware prevention, as hybrid work continues and more IoT devices are brought onto networks,” Devens said. “To defend against cyberattacks, network security professionals will also need to continually stay updated on new technology, educate all employees on the latest schemes, and implement policies such as zero trust that may be unpopular with staff, but are necessary to prevent attacks.”
The financial industry has also seen an alarming increase in software supply chain attacks as banks and other financial services organizations continue to invest in tools for cybersecurity protection related to core banking applications, as well as cloud infrastructure, Prakash Linga, co-founder and CEO at BluBracket. Linga said as the end-points and networks get hardened, attackers have shifted their sights on source code and infrastructure code that these organizations have residing in cloud and enterprise Git repositories. The challenge is that they are not very well protected and present an opportunity for sophisticated hackers to exploit.
“Code-related risks, such as PII, credentials and API keys that may be present in code, as well as infrastructure configuration files can be exploited by attackers to gain access and then pivot to conduct attacks or exfiltrate valuable information,” Linga said. “Additionally, unauthorized access to Git repositories affords malicious threat actors the ability to tamper with the code and inject malware.
Tyler Shields, CMO at JupiterOne, said cloud has become a high-priority theme for financial services as they are rapidly undergoing a digital transformation for major portions of their business. Shields said as they execute these new initiatives, they have an ever-expanding attack surface that they don't understand how to manage, track and reduce risk for.
“They are basically flying blind with the growth rate of non-traditional cyber assets going well beyond just IP addresses in a datacenter,” Shields said. “The shift to cloud is resulting in a complete overhaul for how we think of our cyber asset base as well as how we analyze the attack surface of this base from an internal and fully informed perspective. Cloud will continue to be a major priority for the foreseeable future.”
