Security Becomes Top Concern for FSI Leaders as Cyber Attacks Become More Sophisticated

Security Becomes Top Concern for FSI Leaders as Cyber Attacks Become More Sophisticated

by May 10, 2022

In the finance sector, security has become a top-of-mind issue for business leaders as the number of cyberattacks skyrockets and campaigns become more sophisticated.

This is according to findings from a new survey conducted by cloud computing firm VMware. The study, which polled 130 financial sector security leaders, found that top executives and decision makers in the finance industry are aware of the rapidly evolving cyberthreat landscape and recognizing the need to put more resources and effort to keep up with these changes, with the majority of respondents planning to increase their security budget by 20-30% this year.

Looking at the various cyberattacks experienced and observed in the finance sector this past year, the study highlights a number of trends. First, the report notes that 2021 was a fruitful year for ransomware attacks with blockchain data platform Chainalysis estimating that more than US$602 million worth of ransomware payments were made last year.

Of the 130 financial sector security leaders polled, 74% of respondents indicated witnessing one or more ransomware attacks in the past year. 63% of these victims said they paid the ransom.

Along the same line, the study found that financial institutions are growing more concerned about the security of cryptocurrency exchanges as these become a popular target for cyber criminals. 83% of respondents indicated sharing concerns about whether or not these platforms had appropriate safeguards.

Exchanges have become lucrative targets for hackers as evidenced by the large heists that occurred last year. These include AscendEX (US$80 million), BitMart (US$150 million) and Liquid (US$97 million). Chainalysis estimates that about US$400 million was stolen from cryptocurrency exchanges in 2021.

Modern market manipulation

The study also found a shift from bank heists to economic espionage where cyber criminals are now going after non-public market information that can affect the share price of a company. This information would then be used to digitize insider trading and front-run the market.

Of the financial leaders surveyed, two out of three (66%) respondents indicated experiencing an increase in attacks targeting market strategies, and 25% said market data has become the primary target for cybercriminal attacks.

Further evidence of this trend is the reported rise in brokerage account takeovers where cybercriminals are now seeking to gain intelligence and improve the accuracy of their financial bets. 63% of the financial institutions polled indicated experiencing an increase in the number of identity thefts and unauthorized access incidents involving online brokerage accounts, up from 41% last year.

Other types of cyberattacks highlighted

The digitalization wave that has taken over the banking and financial services industry has provided the sector with tremendous opportunities to improve processes and enhance customer experience. But, it has also introduced a plethora of new risks which firms need to address.

In particular, cybercriminals are now capitalizing on the interconnectedness of the financial system and turning to so-called island hopping attacks to reach their targets.

Instead of directly attacking a well-defended target, an island hopping campaign will see threat actors infiltrate an organization’s more vulnerable third-party partners to undermine their target company’s defense.

Island hopping has become a popular attack method, with 60% of financial institutions polled by VMware witnessing an increase in these attacks, a 58% increase from last year.

Recognizing the threat, 87% of financial institutions indicated being concerned about the security posture of their shared service providers.

Finally, the last cybersecurity trend outlined in the VMware report is the rise of destructive attacks.

Destructive attacks primarily seek to destroy, disrupt, or degrade victim systems. This can be done for a number of different motives such as to eliminate evidence of malicious activity, or to achieve strategic or tactical objectives. Destructive attacks can involve encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code.

Of the 130 financial sector security leaders surveyed by VMware, 63% said they’ve experienced an increase in destructive attacks, a 17% rise from last year.


Featured image credit: Edited from Freepik