Although viruses, ransomware, and malware continue to plague organizations of all sizes, cyber attacks on banking industry organizations have exploded in terms of both frequency and sophistication. With a year-over-year increase of 1,318%, cyber risk in the banking sector has never been higher.
Ransomware the Most Dangerous for the Financial Industry in 2021
While cyber attacks are increasing in nearly every industry, the financial sector is disproportionately affected and vulnerable to many different threats. Cybersecurity in banking sector organizations has become increasingly critical.
Thus far into 2021, ransomware comprises the majority of cyber attacks on the banking industry. According to a report published by the US Treasury’s Financial Crimes Enforcement Network (FinCen), the 635 suspicious activity reports (SARs) filed in the first half of 2021 represent a 30% increase over the entirety of 2020.
Understanding the financial sectors current threat landscape requires breaking down:
- Why the banking industry is such a prime target
- The most common avenues and methods of cyber attack in 2021
- Some of the most significant attacks to occur in 2021
What is Ransomware?
Ransomware is a type of cyber attack that effectively locks an organization out of its own IT environment—computers, network(s), and other systems. Access to the environment and the data stored within are then ransomed back to the organization. Unfortunately, the attackers don’t always return access; sometimes, the stolen data is published openly on the internet or sold to other cybercriminals.
Ransomware is commonly delivered via social engineering methods (e.g., phishing).
Why Target Banks?
FinCEN’s analysis determined that ransomware targeting banks accounted for more than $590 million in the first half of 2021 alone, a 42 percent increase on the $416 million for all of 2020. So, it’s easy to see that hackers are using cyber attacks on the banking industry with more vigor than ever before. But why are hackers so interested in the banking sector?
Banks and other financial institutions are an obvious target for ransomware because hackers know they have access to large amounts of funds. Due to the critical position of continued banking services and the high probability that victims pay the ransom, financial institutions have quickly grown in popularity amongst hackers and malicious actors of all types. FinCEN has reportedly identified roughly $5.2 billion in Bitcoin (BTC) that it believes is related to ransomware payments.
As a result, cyber security in banking industry settings remains critical.
Common Avenues of Attack
Though ransomware has presented the most significant threat in 2021, banks and financial institutions must contend with cyber attacks spanning different channel deliveries and methods. Some other attacks that contribute to the rise of cyber risk in banking sector environments include:
- Business Email Compromise Attacks – Also known as BEC attacks, hackers gain access to an internal email account and imitate them to present faux legitimacy sufficient enough to deceive victims. BEC attacks are another type of phishing.
- Cryptojacking – One of the newest trends sees hackers embedding cryptocurrency miners into their malware apps, ultimately letting them use the infected computers to accumulate cryptocurrency.
- Zero-Day Exploits – This refers to existing cybersecurity vulnerabilities that remain unknown or that don’t yet have patches available for deployment.
Significant Cyber Attacks on the Banking Industry in 2021
Unfortunately, there’s no shortage of cyber attacks on the banking industry over recent years, and 2021 is no exception.
While Accellion is a provider and developer of accounting software, a zero-day exploit in their Accellion File Transfer Appliance software gave hackers access to the databases of numerous banks and financial institutions. This cyber attack on the banking industry technically occurred at the end of 2020, but much of the fallout wasn’t seen until after the New Year.
Some of the affected organizations include:
- Morgan Stanley
- Flagstar Bank
- Reserve Bank of New Zealand
- Australian Securities and Investments Commission
The popular online payment platform, PayPal, experienced a new wave of SMS-based phishing attacks in 2021. In these cyber attacks on the banking industry, the hacker or malicious actor impersonates PayPal while requesting users to verify their identities. This is a social engineering attack known as “quid pro quo,” where the attacker offers some service to convince victims to divulge sensitive data.
However, the verification site isn’t on PayPal’s domain, and any data entered is sent directly to the hacker instead.
In this attack, which happened in early 2021, a hacker posted the details of Mexico-based cardholders on a prominent cybercrime forum. Most of the data was complete, except for account passwords and card expiration dates. Still, the hacker claimed to have additional data on other cardholders and various banks throughout Mexico.
Automatic Funds Transfer Services
Automatic Funds Transfer Services (AFTS) is a payment processor that was targeted by a group known as Cuba Ransomware in February 2021.
The group accessed various financial and tax documents, individual account details, and other professional correspondence. This particular attack resulted in a widespread, successful ransomware campaign that targeted multiple state agencies in the US in addition to the financial sector.
Withstanding Cyber Attacks in the Financial Sector
Cyber attacks are only becoming more common—and effective—with time. These threats require organizations to implement sophisticated, multi-layered cybersecurity infrastructures to minimize exploitable vulnerabilities.
For more information on cyber attacks on banking industry organizations, or to find out how you can protect your network against these threats now and into the future, contact RSI Security today.