Survey: Financial Services Firms Under Cybersecurity Siege

VMware today published a survey of 130 security leaders in the financial services sector that suggests more cyberattacks designed to undermine the integrity of public markets are being launched by cartels of cybercriminals.

Tom Kellerman, head of cybersecurity strategy for VMware, said the survey shows cybercrime cartels are now targeting market data as part of an effort to manipulate the value of financial instruments such as corporate stocks. Two-thirds of survey respondents (66%) report they are seeing attacks that specifically target market strategies. A quarter of those attacks (25%) were primarily aimed at market data, with 44% of those identifying Chronos attacks aimed at manipulating time stamps to impact market positions. Nearly two-thirds of respondents (63%) also report an increase in brokerage account takeovers.

The report also finds that nearly two-thirds of financial institutions (63%) saw an increase in destructive attacks designed to destroy, disrupt or degrade systems through actions such as encrypting files, deleting data, destroying hard drives, terminating connections or executing malicious code. Well over half (59%) also saw an increase in application attacks in 2021, with 94% of financial security leaders reporting attacks being launched against application programming interfaces (APIs).

Financial institutions are also seeing more ransomware attacks, with nearly three-quarters (74%) reporting they have experienced one or more ransomware attacks in the past year. Nearly two-thirds of those victims admit to paying ransom to retrieve data, according to the report.

Kellerman said many of these attacks are being launched by cyber cartels affiliated with nation-states such as Russia, noting many are trying to raise funds to lessen the impact of sanctions levied in the wake of the Ukraine invasion.

Other concerns include an increase in so-called “island hopping” to attack organizations that are part of a larger digital ecosystem (63%), attacks launched against cryptocurrency exchanges (83%) and the security posture of their shared service providers (87%).

To respond to these threats, the majority of financial institutions plan to increase their security budget by 20% to 30% this year, according to the report, with more than 70% spending more than 12% of the overall IT budget on security. More than half of survey respondents (51%) also are now conducting weekly threat hunts.

In the age of fintech, the appetite for risk means the risk these institutions face is not sufficiently appreciated, noted Kellerman. It’s clear more CISOs need to report to the CEO, but the survey finds 80% of CISOs at financial institutions still report to CIOs. In general, CISOs need to be more empowered to disallow applications that are too risky to be deployed in a production environment, as many IT and business leaders tend to discount the actual level of risk to the business, he said.

Regardless of who is in charge of IT security, the report shows the overall sophistication of the cyberattacks against financial service institutions has increased. And many of these institutions are at the core of a fragile global digital economy that can be disrupted more easily than most might care to admit.


Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
