A new report from VMware Inc. finds that cybercriminals are increasingly targeting the financial industry.
The findings, from the aptly named Modern Bank Heist report, highlight a drastic increase in destructive attacks and ransomware, as financial institutions grapple with more aggressive, sophisticated attack methods. Based on a survey of the financial industry’s top chief information security officers and security leaders, the report finds that financial institutions face increased destructive attacks and are falling victim to ransomware more than in previous years.
The types of attacks have also evolved, with more sophisticated cybercrime cartels moving beyond wire transfer fraud to target-market strategies, taking over brokerage accounts and island-hopping into banks, meaning going after its partners.
Close to two-thirds of those surveyed in financial institutions admitted experiencing an increase in destructive attacks, with 74% experiencing at least one ransomware attack over the past year. Disturbingly, 63% of respondents admitted that their financial institution paid the ransom when targeted by ransomware.
The report also found that once cybercriminals gain access to a financial organization, they’re no longer after wire transfers or access to capital as traditionally assumed. Cybercriminal cartels are now seeking nonpublic market information, such as earnings estimates, public offerings and significant transactions. Two-thirds of those surveyed said that their financial institutions experienced attacks that targeted market strategies. The report says modern market manipulation aligns with economic espionage and can be used to digitize insider trading.
Some 60% of financial institutions experienced an increase in island-hopping, a 58% increase from last year. Island-hopping is the process of undermining a company’s cyber defenses by going after its vulnerable third-party partners to undermine the target company’s cybersecurity. The increase is said to represent “a new era of conspiracy” where hijacking the digital transformation of a financial institution via island-hopping to attack its constituents has become the ultimate attack outcome.
Other findings in the report were that two-thirds of financial institutions observed the manipulation of timestamps, an attack named Chronos after the god of time in Greek mythology. Some 44% of Chronos attacks targeted market positions.
“Security has become top-of-mind for business leaders amid rising geopolitical tension, an increase in destructive attacks utilizing wipers and Remote Access Tools and a record-breaking year of zero-day exploits,” Tom Kellermann, head of cybersecurity strategy at VMware, said in a statement. “Financial institutions now understand that today’s attackers are moving from heist to hijack, from dwell to destruction, and leaving their mark on an extremely vulnerable sector.”