New research from cybersecurity provider Check Point has revealed that financial services face more malware attacks than any other industry.
On the back of its recent strategic partnership with FinTech Scotland, a joint presentation between the two examined the cybersecurity threats facing financial services companies and fintechs.
According to Check Point, startups and larger financial institutions currently face up to 1,300 cyberattacks per week. It noted that 25% of all malware attacks are aimed at banks and other financial services organisations – surpassing all other industries.
In addition, Check Point Cybersecurity Threat Intelligent Analyst, Neomi Rona, revealed some of the specific threats that businesses will face in 2021.
According to Rona, cryptomining scams were the top ranked malware type for the first half of 2020. These see the victim’s CPU used to mine cryptocurrencies, slowing down the computer and potentially damaging it due to overheating.
These either involve installing malware directly onto the victim’s computer or executing it when the user visits an infected website.
“We expect that this trend will decrease,” Rona said. “Over the first months of the year, we have seen a shift in this field as two massive web-based services that provide website with the ability to mine cryptocurrencies at the expense of the visitors have shut down.”
Check Point’s research showed that ransomware attacks are the lowest ranked malware type the company has dealt with so far this year.
“Which is quite a surprise because we’ve seen a massive increase in the field of ransomware since the start of the year and most notably since the start of the pandemic,” Rona noted.
For financial services, the most common type of malware attack were botnet attacks. These see the computer become infected with malware and joining a network of infected computers, downloading or uploading information and using shared resources to spread.
“What we’re seeing now in the threat landscape is that malware is delivered via botnets, so having botnets ranked above ransomware is actually good,” Rona said. “It means we succeed in blocking ransomware attacks at the earlier stage, the botnet stage.”
With ransomware attacks increasing in both frequency and severity during the pandemic, there have been several prominent examples in the news.
In recent years, cybercriminals have developed and deployed an evolved version of ransomware attack – the double extortion attack. Whereas once ransomware attacks simply encrypted data and charged for its decryption, now the attackers threated to leak a copy of the stolen data.
Companies that fail to comply risk damage to their reputation and fines under GDPR, forcing compliance from the victim. Rona also warned that such attacks will likely become more commonplace in the future.
Because of the pandemic, more people are working from home than ever before. Despite the use of cloud services offering end-to-end encryption and other security features, the end points of networks, such as computers and phones are more vulnerable.
This is because corporate data is being accessed on less secure home networks. As such, the line is blurring between personal and work devices, and personnel are isolated from each other, making social engineering easier.
- Data Protection | The pros and cons of end-to-end encryption
- Comment | Shifting your cybersecurity processes left
- DIGIT Q&A | Calum Smeaton, CEO of TVSquared
Check Point experts warned that 90% of attacks on organisations start from a malicious email. With hackers using more sophisticated social engineering tactics to get workers to expose vulnerabilities in networks, an awareness of threats is vital.
For example, voice phishing, or vishing, will be a major trend in 2021 to build trust between cyberattackers and their victims.
Vishing is nothing new – most people will have received at least one phone call claiming to have been from Microsoft tech support in the past.
“What we see now is a form of the vishing but as a far more sophisticated attack similar to what we’ve seen in the ransomware field,” Rona said.
“These attacks now target corporate users – they are preceded by extensive research into the organisation and the behaviour of the specific users that will be contacted. For example, new hires, who are unfamiliar with employees and the dynamics of the office, or employees working from home.”
With advances in deepfake technology, criminals can use software to alter their voices to sound like colleagues to prime a person for an attack.
“We now see more deepfake AI-based vishing capabilities enabling anyone to imitate the voice of a celebrity or of course an employee,” Rona warned.
“We expect to see, and have already begun to see, attackers that actually use the voice of a close colleague or the CEO and calling you. They are familiar with the company jargon and the names of departments and your position and ask you politely to make a wire transfer or ask for specific credentials or financial information.”