The pandemic-induced disarray has become a breeding ground for financially motivated attacks.
The coronavirus pandemic was related to a 238 per cent rise in cyber attacks on banks, new research says.
VMware Carbon Black published the third edition of the Modern Bank Heists report on Thursday, which says that financial organizations experienced a major upturn in cyber-attack attempts between February and April of this year — the same months that COVID-19 started to spread rapidly across the globe.
Research by the cybersecurity company, which provides feedback from 25 CIOS at major financial institutions, adds that during the past 12 months, 80 percent of the companies surveyed have encountered further cyber-attacks, an rise of 13 percent year over year.
VMware Carbon Black data already shows that nearly a third of all cyberattacks — 27 percent — threaten either banks or the healthcare sector.
An important point in the study is how there seems to have been an upsurge in the news cycle’s financially-motivated attacks around pinnacles, such as when the US announced the first COVID-19 event.
In total, 82 percent of the chief information officers responding to the study said that, in addition to a increase in assaults, strategies also seem to be evolving — including the use of social engineering and more sophisticated methods to manipulate not only the human element but also poor linkages created by the supply chain’s processes and technology in use.
There is widespread use of family Kryptik and Emotet malware, as well as Obfuse, CoinMiner, and Tiggre. From the beginning of February until the end of April 2020, Ransomware attacks against the financial sector increased around 9x. The ones surveyed said attempts at destruction are becoming more frequent, not just theft of information.
Wipers are becoming increasingly commonplace too. According to MITRE the standard wiper malware behaviors are as follows:
33 per cent of those surveyed also experienced island-hopping. This method of attack involves threat actors moving through a supply chain — beginning from a weak connection — with the ultimate goal of attaining a linked financial institution. Tools such as compromise and then going across networks, watering hole attacks, or Business Email Compromise (BEC) will do this.
Furthermore, 64 per cent of organizations registered an rise of 17 per cent in attempts at wire fraud.
“When combined with a steady commercial growth of mobile devices, cloud-based data storage and services, and digital payment systems, cybercriminals today have an ever-expanding host of attack vectors to exploit,” commented Jonah Force Hill, senior cyber policy advisor and CIAB executive director. “Every organization — providers of financial services, in particular — must remain vigilant in the face of these evolving threats. It is critical that organizations maintain a continuous dialogue with law enforcement to ensure a rapid response in the event of an incident.”