The potential financial, operational, and reputational impact of ransomware makes it the top threat facing financial services organizations, according to a new report from cyber security provider F-Secure.
Phishing, exposed remote desktop protocol (RDP) ports, and the exploitation of vulnerable software are called out as the three most common principal intrusion vectors for ransomware. The report also notes that the scale and sophistication of ransomware attacks have increased in the last two years.
And while the report forecasts that ransomware will remain a predominant threat for at least the next 12 months, it also highlights defensive strategies that can help reduce the impact of ransomware attacks.
“Financial service organizations that understand their IT estates, what opportunities they have to detect attacks, and what risks and threats are facing their industry, can prepare themselves to mitigate most of the damages caused by the kind of ransomware attacks we see today,” said F-Secure Global Head of Incident Response Joani Green. “Detecting attacks is obviously the first step, but organizations that prepare a full plan for responding to ransomware can put a stop to these incidents in a matter of hours instead of days or weeks.”
Even though financial services organizations consider ransomware to be the top threat, the report found that supply chains and cloud security were key areas of concern. The report lists several reasons justifying organizations’ concerns with these areas but identifies the spread of capabilities from nation-state threats to cybercriminals as a common development for both.
Also Read: Web 3.0: Increasing Cybersecurity Risks?
“If you look at the threat landscape as a whole, tactics, techniques, and procedures trickle down from the highly-skilled, well-resourced nation-state attackers to professional cybercriminals. That’s why cloud security and supply chain attacks are the financial sector’s biggest concerns. Ransomware attacks are viewed by many in the sector as of today’s biggest threat to operational resilience, but we can already see the signs that attacks against these other areas will become more important in the months and years ahead,” said F-Secure Head of Threat Intelligence Callum Roxan.
Other findings discussed in the report include:
- Financial services organizations are struggling to manage vulnerabilities in their infrastructure. The exploitation of vulnerabilities is a key vector in many high-impact intrusions by both state-sponsored threat actors and cybercriminals.
- Technologies such as SWIFT, Open Banking, and ATMs present an ongoing risk to financial organizations as offensive techniques deployed against these technologies evolve. Financially motivated state-backed groups continue to conduct ATM cashouts, fraudulent abuse of compromised bank-operated SWIFT system endpoints, and cryptocurrency theft.
- Cryptocurrency-related attacks have increased, making it important for central banks to secure digital currency infrastructure (particularly as they increase their cryptocurrency holdings and roll out their own digital currencies).
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.