The number of cyber attacks on financial services more than doubled last year. The attackers have also become much more aggressive in their apporach and developed a strong will to persist with their campaigns.
Cyber attacks that aimed to harm their infrastructure increased by 160 percent on a global scale over the past twelve months, according to Carbon Black and Optiv Security, two cybersecurity firms.
Two-thirds of the banks and other financial firms polled by the authors claimed to have witnessed a general increase in cyber attacks against their companies. Among the companies were four of the world’s largest banks.
Digging In
The aspect that surprised the study authors the most was that a third of the companies had to fend off attackers who weren’t deterred by their defensive acts and took to countermeasures.
Hackers fight against expulsion from the system, the study showed. The cyber attacks thus turn into a kind of hostage-taking or siege, both of which take much longer and stiffer measures to end.
Social Engineering
The most common form of cyber attack (as witnessed by 79 percent of respondents) are so-called social engineering attacks. The criminal moves through several stages to prepare his attack. First, he evaluates his victim in a bid to collect the necessary background information for his attack.
He then contacts the victim with the intent of gaining his trust and get him to breach security practices, hand over secret information or give access to critical resources.
Transactions and Services Providers
Almost half of the firms detected an attack on transactions. They tend to exploit loopholes in the verification process and social engineering attacks aimed directly at customer support staff and clients.
Attackers also have taken to the so-called island hopping, 32 percent of the surveyed firms said. Island hopping means that an attacker sifts through the supply chain of a company in a bid to identify companies with the weakest defensive measures.
Government Warning
The most damaging and expensive attacks use trojans called «Emotet». The Swiss government in December issued a warning on the subject.
Criminals are attaching «Emotet» trojans to emails. Once installed on the computer, the trojan proceeds to upload further malware to computers.