Financial institutions

From robbery to hijacking, cybercriminals are turning to financial institutions

  • Most financial institutions said Russia poses greatest concern as geopolitical tensions continue to escalate in cyberspace
  • VMWare has noticed that sophisticated cybercrime cartels have evolved beyond wire transfer fraud to target market strategies, take over brokerage accounts and go island-hopping at banks.
  • 63% of financial institutions admitted to experiencing an increase in destructive attacks, while 74% experienced at least one ransomware attack in the past year, with 63% having paid the ransom

With each passing year, the number of cyberattacks skyrockets as campaigns become more sophisticated globally, even among (and perhaps especially among) financial institutions. VMware Inc’s Fifth Annual Modern Bank Hold-ups report pointed out that when it comes to banking, cybercriminals have begun to realize that the most important asset is non-public market information that can be used to fuel economic espionage.

It has also led financial institutions facing an increase in destructive attacks and falling victim to ransomware more than years past. “Sophisticated cybercrime cartels (have) evolved beyond wire transfer fraud to now target market strategies, take over brokerage accounts and go into banks,” VMware said.

From ransomware attacks to market manipulation, VMware’s findings make it clear that today’s cybercrime cartels are more organized and destructive than ever. The report also highlighted that 63% of financial institutions admitted to experiencing an increase in destructive attacks, with cybercriminals leveraging this method as a way to burn evidence as part of an incident response.

“Furthermore, 74% experienced at least one ransomware attack in the past year, of which 63% paid the ransom,” he added. Interestingly – but not surprisingly – when asked about the nation-state actors behind these attacks, the majority of financial institutions see Russia as a main concernespecially as geopolitical tensions continue to escalate in cyberspace following the invasion of Ukraine.

How destructive are attacks on financial institutions?

VMware noticed that once cybercriminals gain access to a financial organization, they are no longer looking for wire transfers or access to capital, as traditionally assumed. Instead, these cybercriminal cartels seek out non-public market information, such as earnings estimates, public offerings, and large transactions.

In fact, 2 out of 3 financial institutions (66%) have experienced attacks targeting go-to-market strategies. “This modern market manipulation aligns with economic espionage and can be used to digitize insider trading,” VMware said in a statement. Additionally, 60% of financial institutions experienced an increase in island hopping, a 58% increase over last year.

“The increase represents a new era of conspiracy where the hijacking of a financial institution’s digital transformation via island hopping to attack its constituents has become the ultimate outcome of the attack,” he said. added. Almost all organizations surveyed (83%) are actually concerned about the security of cryptocurrency exchanges, as successful attacks can be immediately and directly turned into cyber-money.

Former Deputy Director of the US Secret Service, Jeremy Sheridan, has seen firsthand an evolution and increase in complex computer fraud. “The proliferation of digital currency payment systems has created a global, instantaneous and pseudo-anonymous way to facilitate their actions. All of these factors have facilitated the maturation of a cybercriminal ecosystem that has not been sufficiently suppressed. We see these trends continuing into the future and using larger anonymization techniques such as peer-to-peer networks, privacy coins, encrypted communications, and darknet marketplaces to further expand the capabilities and reach of cybercriminality.

To counter this, the majority of financial institutions surveyed plan to increase their budget by 20-30% this year, according to data from VMware. Top investment priorities include extended detection and response (XDR), workload security, and mobile security