Criminals have been robbing banks for over 200 years. It’s a rotten tradition that continues to this day. In fact, F-Secure’s Cyber threat landscape for the finance sector indicates that it might be getting worse worse, with the cyber attack capabilities of nation-states spreading to more common cyber criminals.
The report singles out North Korea as being publicly implicated in financially-motivated cyber attacks against organizations in over 30 countries in the last few years. Their targets include companies in the US, UK, India, and more. But the influence of nation-states on threats goes far beyond the odd bank robbery.
Perhaps the more significant impact is that the various tactics, techniques, and procedures (TTPs) used by North Korea and other nation-states are trickling down to more attackers. SWIFT attacks, which see attackers steal a bank’s SWIFT credentials to send fraudulent transfer requests, are one example. Payment switch application compromises (using malware to authorize illegitimate ATM withdraws made by attackers) are another. North Korea has used both techniques, and both have spread to other adversaries.
And while the reclusive country may be the only nation-state robbing banks, direct theft is only one reason to attack the finance sector.
Data integrity/sabotage are also major motivations for attacks. Cyber criminals almost always do this to extort money (through ransomware or distributed denial-of-service-attacks). State-sponsored actors tend to do this for geopolitical purposes. Examples include North Korean attacks against South Korea, or Russian attacks against the Ukraine.
Data theft is another powerful motivation for attacking the finance sector. Financial data is often highly sensitive, and useful for social engineering, blackmail, or other types of manipulation.
All in all, nation-states and cyber criminals alike have many reasons to attack the finance industry. The sector has the money, data and influence to attract everyone from script-kiddies to sophisticated state-sponsored adversaries. And generic threat trends like supply chain attacks affect the finance industry just as much as any other sector.
Check out the full report to learn more about how these threats impact banks, insurance companies, asset managers, and other companies working directly or indirectly with the global finance industry.Get the report