The global pandemic due to COVID-19 has resulted in a 238% surge in cyberattacks against financial institutions, from the beginning of February to the end of April. Ransomware campaigns against banks witnessed a nine-fold increase during this period.
What is happening
According to the Modern Bank Heist report, there has been an uptick in cyberattack attempts during the peak COVID-19 news cycle. The research consists of inputs from 25 CIOS stating that 80% of the surveyed organizations have experienced cyberattacks over the past 12 months. This lead to a 13% increase in year-over-year.
- 27% of all cyberattacks are targeted toward the financial and healthcare sectors.
- Not just information theft, but cyber attackers are hugely focused on causing significant destruction to the networks.
- The most common malware families used are Emotet, Obfuse, CoinMiner, Tiggre, and Kryptik.
What the experts are saying
- The report claimed that attacks are increasingly becoming more sophisticated, where attackers have dramatically expanded their understanding of the internal policies.
- Bank heists have become virtual hostage situations where threat actors have attempted to confiscate digital transformation efforts.
- An advisory released by the NCSC (the UK) and the CISA (the US) stated that they have identified cybercriminals scanning for vulnerabilities in software and remote working tools.
What you can do
- Set up a secondary line of secure communications.
- Monitor the situation carefully to ensure that the adversary is completely removed from the network.
- Deploy deception grids or honey tokens.
- Finastra fell prey to a ransomware attack on March 20.
- Between February and March, attacks on the financial sector saw an increase of 38%.
- 33% of survey participants stated that they had suffered island hopping attacks while 20% had experienced watering hole attacks.
Cybercriminals are constantly upgrading their tactics and techniques. Although the financial sector is secure, it is experiencing a high degree of cyberattacks owing to the coronavirus pandemic. It is imperative that financial institutions maintain a regular dialogue with law enforcement authorities to ensure quick response during a cyber mishap.