5 Evolving Cyberthreats Face the Financial Services Sector
For obvious reasons, the financial services sector has always been a favorite target of cyberattackers, and organizations have spent significant resources crafting and implementing strategies to beat back the most prevalent threats in the industry.
However, according to a new report from Accenture Security titled “Future Cyber Threats: Extreme but Plausible Scenarios in Financial Services,” common attacks are evolving in ways that could have major negative impacts on individual organizations and the entire global sector.
In particular, financial services firms should be wary of these five evolving threats:
1. Credential and Identity Theft Top the Threat List
Social engineering attacks “remain the number one threat” facing cybersecurity officers, the report notes. These attacks typically target customer, employee and other third-party credentials, with hackers then using this information to establish phony user profiles.
Because attackers can use stolen credentials to open accounts that they control, they can cultivate high credit limits, bypass account alerts and ultimately facilitate high-dollar transactions with a low risk of detection.
Attackers also steal credentials to gain access to corporate systems, allowing them to distribute malware inside enterprise systems to commit fraud, the report notes. Hackers are starting to repeat these activities across multiple organizations, resulting in “multiparty compromises” that give cyberattacks operational reliance and increase attackers’ visibility into their campaigns.
“The advent of advanced adversaries leveraging their access through compromised credentials to multiple, critical entities concurrently is likely to impact the financial sector’s ability to collaborate — in turn, challenging its resilience,” the report notes.
2. Data Theft and Manipulation Alter Algorithms
Hackers have long sought to monetize the theft of information from financial firms; for example, by selling nonpublic earnings statements on the black market. Accenture Security predicts that attackers are likely to shift their focus from data theft to strategic data manipulation.
Because financial institutions increasingly rely on autonomous, data-driven decision-making processes, hackers could wreak havoc on institutions by surreptitiously altering the data and algorithms that firms rely on to plan, operate and grow.
3. Destructive and Disruptive Malware Erase Information
Ransomware and banking trojans remain a cybersecurity priority. “One insurance company that provides protection against ransomware attacks has observed that, of all the attacks they noted, 20 percent targeted financial institutions,” according to the Accenture report, which also notes that banking trojans enable wire fraud and automated clearinghouse fraud.
These attacks have grown more dangerous with the advent of destructive malware known as “wiper ware” that erases data, including logs used to monitor for attacks.
Wiper ware helps hackers steal and manipulate data and then make it more difficult for cybersecurity teams to perform forensics, stop attacks and remove hackers from IT systems. In 2018, attackers used wiper ware to shield a theft of $10 million from Chile’s largest financial institution.
4. Emerging Technologies Attract Attackers
Accenture Security notes that financial institutions are often early adopters of new technologies and warns that these emerging solutions could provide opportunities for malicious actors to strike.
For example, the report suggests that hackers are likely already targeting blockchain transactions and may begin to exploit vulnerabilities in artificial intelligence systems.
5. Disinformation Can Disrupt Markets
In the era of “fake news,” Accenture Security warns, disinformation has the power to not only derail political movements and destabilize governments but also to upend markets and tarnish brand reputations.
In early 2019, a financial services firm was the subject of a spoof letter, purportedly written by the fund group’s CEO, claiming that the firm was divesting from coal companies and changing voting patterns to take a stronger stance on climate change.
Although the hoax was perpetrated by an environmental activist, the report notes that the letter (which was picked up and reported as legitimate by several large news outlets) illustrates the low barrier to entry for effective disinformation.