A new industry report by Blueliv, an Outpost24 company, has deep dived into the evolving threat landscape that is surrounding the financial services sector. Using advanced threat intelligence gathered by Blueliv’s Threat Compass; the ‘Follow the Money’ report reveals the main cyber threats and the culprits behind these malicious attacks to forewarn these vital institutions.
Threat intelligence gathered by Blueliv from the dark web and deep web showed that the main cyberthreats targeting the industry included: Phishing, Credential Theft, Ransomware, Business Email Compromise (BEC), Malware infection, Banking Trojans, Webinjects and Mobile App Malware.
Each of these attack vectors must be a focus of attention as they enable cybercriminals to commit fraud, successfully breach enterprises, cause reputational damage, manipulate the stock markets and lead to non-compliance penalties.
“While the financial services sector is largely aware of the threats that face them and is concerned about the impact cyberattacks can have, there is an acknowledgement that more needs to be done to secure their systems, networks, data and customers,” said Lidia Lopez, Threat Intelligence Analyst at Blueliv.
The main threat actors targeting the banking and financial services sector, as revealed by the Blueliv Threat Context, are:
- Lazarus Group
Lazarus Group has been linked to some of the most notorious cyberattacks in recent history, and some researchers have suggested that it may be backed by the North Korean government.
- The Cobalt Gang
The Colbalt Gang has targeted FSIs around the world, including dozens of targets primarily located in Western Europe, Eastern Europe, and Central Asia.
The FIN7 group distributes point-of-sale (PoS) malware, often combined with remarkably bold social engineering techniques, such as calling up victims to ensure they open malicious files.
Lopez continues, saying: “To tackle the increasing threat faced by financial institutions, actionable and automated threat intelligence must be used at the core of any defence strategy to provide security teams, and their tools, the necessary insight on where they need to prioritise their detection and response efforts to minimize the risk of potential attack and fraud attempts.”