Financial services are a prime target for cyber attackers, and it’s no surprise why – they follow the money. Working in this sector involves handling funds, sensitive data, and personal information, making it a lucrative target for cybercriminals. According to IBM, cyberattacks in the financial industry can lead to an average cost of $3.86 million and take an average of 207 days to be identified. Attackers who breach financial systems can steal client information, hold critical data for ransom, or directly siphon funds and redirect payments.
In 2021, numerous cyber threats have been observed in the financial and insurance services sector. Let’s delve into some of the top threats faced by these industries this year.
What is banking malware and how does it work?
Banking malware is a malicious program designed to infiltrate online banking systems and access confidential information. Among these, banking trojans are the most prevalent, disguising themselves as harmless applications while attempting to steal sensitive data. These malware often come equipped with backdoors, providing cybercriminals with a gateway into a system. They employ various tactics to conceal their malicious intent, such as dormant capabilities that activate upon remote command, hiding components within files, or using obfuscation techniques. Some may even mimic the login pages of financial institutions.
Phishing Attacks and the Financial Services Industry
Phishing serves as a common entry point for cyberattacks, allowing perpetrators to infiltrate systems, steal data, or deploy malware like trojans. Attackers frequently leverage phishing emails containing malicious attachments to initiate their attacks. In recent times, phishing attempts have exploited current events like the COVID-19 pandemic to lure unsuspecting victims into clicking on malicious links. Spear phishing, a targeted form of phishing, specifically aims at high-level executives or financial officers to obtain sensitive credentials.
What are the most common threats to finance and insurance?
- Ransomware: Ransomware attacks, where malware encrypts crucial files until a ransom is paid, have become increasingly prevalent across industries, including financial services. Attackers typically initiate these attacks through social engineering tactics like phishing or by exploiting existing vulnerabilities.
Recent examples of ransomware attacks include incidents targeting major insurance companies like AXA and CNA, as well as smaller firms like an accounting company in Toronto, Canada.
- Trojans: Banking trojans, such as TrickBot and Emotet variants, have evolved to spread and download additional malware beyond their initial trojan functions. These trojans often lead to ransomware infections like Conti, Ryuk, and Cl0p.
- Threats that Target Mobile Devices: The rise of mobile banking applications has also led to an increase in trojan banking malware targeting vulnerable Android devices. Anubis, for instance, poses as a legitimate app but exfiltrates user data for financial gain.
- RAT (Remote Access Tools): Sophisticated threats like VermilionStrike, a re-implementation of Cobalt Strike Beacon, target both Linux and Windows systems, including those in the financial sector.
Protecting financial services from cyberattacks requires constant vigilance and investment in cybersecurity measures. As attackers evolve, security teams must stay ahead of the curve by implementing solutions that provide visibility, detection, and protection against emerging threats. It’s crucial for banks and financial institutions to adapt to the changing cybersecurity landscape to safeguard their operations effectively.