Finance sector across the globe risked with diverse e-threats

Cyber-attackers have evolved to primarily target the financial sector. F-Secure, a Finnish security company, in its latest report tells how the sector is encountering varied online threats which are numerically more than just traditional theft. Those criminals attacking institutions of financial services aim at grabbing sensitive data which they normally use for creating fraudulent bank accounts or establishing similar credit lines.

The e-threats confront organizations, which may work directly or otherwise in collaboration with the worldwide industry of financial services. These, targeting organizations like insurance companies, banking institutions and asset managers, can be diverse such as ordinary script-kiddies or beyond to nation-state backed actors and organized crime gangs.

The attackers referred to are also motivated diversely, with a large number of them eyeing on the finance industry because of its lucrative nature alongside its strong links to the national economies.

According to George Michael senior research analyst at F-Secure, the different characteristics of the cyber threats are useful for comprehension as attacker motivations can be easily mapped with particular businesses, and thereafter interpret their extent of application. Once the reason of threat actors attacking an individual becomes clear, the measurement of the online risk involved becomes more accurate. This then can be followed with appropriate mitigations, the expert says. www.betanews.com posted this, July 31, 2019.

The usual way that cyber-criminals attack financial sector is for extorting money by the employment of distributed denial-of-service or ransomware assaults. Nation-state backed actors have a different objective i.e. geopolitical purposes. According to the report, North Korea has been launching cyber-attacks with apparently financial motive on organizations in many countries, including USA, India, United Kingdom, etc.

Perhaps state-sponsored cyber-attacks have a stronger effect in that the different TTPs (tactics, techniques and procedures) that the attacking nations employ are creating opportunities for more attackers. An example of TTP is that of SWIFT attacks wherein there's theft of the SWIFT credentials of a bank for dispatching requests of fraudulent transfers. Another is of payment switch employment wherein malware is used for compromising ATMs so the attackers are enabled for illegitimately withdrawing money. North Korea may be cited as one nation employing the techniques.

» SPAMfighter News - 8/12/2019