Cyber landscape, threats and trends in financial services
Threat actors may look to infiltrate software vendors.
Let there be no mistake about it: Cyber threats and risks of serious breaches are not going anywhere.
Financial services organisations will continue to be susceptible to cyber-attacks due to the concentration of financial and digital assets they hold.
Moreover, as finance organisations explore and implement various avenues such as digital and mobile platforms to deliver their services and products to consumers, the ever-expanding attack surface only increases their cyber risk exposure.
One key factor contributing to increased cyber risk is the rapid speed of digital transformation in the financial services sector. There is concern that the pace of the development and implementation of new technologies designed to achieve objectives such as, among others, better customer experience and faster service may exceed an organisation’s ability to put in place necessary cyber security and privacy measures. The bottom line is that digital transformation projects, while essential to today’s financial services organisation, also increase cyber risk exposure.
Third-party risk is a critical concern, as well. According to The Cybersecurity Imperative: Managing Cyber Risks in a World of Rapid Digital Change, firms across the financial services sector reported that in two years they expect to see an exponential rise in attacks through partners, customers and vendors. Firms are more cognisant of their expanded vendor and business partner ecosystem, which is opening up more entry points and vulnerabilities that can be exploited in a cyber-attack.
In speaking to organisations throughout the industry, we expect there to be sustained attacks on the financial services sector over the next 12 months as threat actors use a variety of methods and techniques to exploit their targets. Some of these methods may include:
- Infiltrating large supply chains through small vendors: Threat actors may look to infiltrate software vendors or software-as-a-service (SaaS) products used in larger technology supply chains to compromise multiple enterprises simultaneously.
- Attacking third party software tools: As more organisations rely on ‘plug and play’ software kits and open source tools, they are more likely to be targeted. Such reliance on third party software means breaches could be difficult to detect and mitigate quickly without service disruptions.
- Extortion attacks will become the new ransomware: Given the increased regulatory scrutiny and introduction of enhanced privacy laws (e.g., the GDPR in the EU and the California Consumer Privacy Act in California, USA), threats are likely to leverage a company’s fear of publicised data breaches and regulatory fines to extort money.
Emerging cyber trends
As the number of sustained attacks increases, investment in emerging technologies is likely to be a key theme in the next year and beyond for all organisations. According to responses to our recent cybersecurity benchmarking study, firms now use a variety of technologies, from multi-factor authentication (90%) to internet-of-things (IoT) (62%) and AI (44%).
There’s a flip side to these new technologies in the cyber war.
While cryptocurrencies are unlikely to penetrate the mainstream banking industry in short term, blockchain is likely to make headlines and have a positive impact on cybersecurity measures. According to the study, 68% use blockchain today and that number is expected to increase.
The technology offered by blockchain offers multiple potential benefits, including a higher level of authentication and improved resiliency. Blockchain technology could allow organisations to use distributed public key infrastructure to authorise users by their devices, which is a stronger method of authentication than passwords. The certificate data is managed on the blockchain, making it harder for cyber criminals to attack the system and falsify certificates. Financial services firms may adopt this technology in cases where increased levels of access controls and authentication are required.
AI is also set to have a significant impact on cybersecurity – respondents to the survey (56%) said new technologies such as AI will have the biggest impact on their cybersecurity risks and how they are managed. AI offers many potential benefits, including the ability to automate complex processes for detecting attacks and reacting to breaches. For example, data deception technology can automatically detect, analyse and defend systems against complex and sophisticated threats such as zero-day attacks by proactively detecting attackers.
Emerging cyber threats
But there is a flip side to these new technologies in the cyber war. While emerging tech such as AI and IoT offer multiple benefits to financial services organisations and their customers and clients, they can also be used by threat actors to carry out advanced and sophisticated attacks.
Consider this: Through employing AI and machine learning techniques, perpetrators can launch intelligent cyberattacks equipped with autonomous decision making and self-learning abilities to identify, assess and exploit system or network weaknesses. These sophisticated cyber-attacks do not need to rely on a set of coded instructions as they breach and travel through an organisation’s cyber defenses, compromising digital assets while covering their tracks.
Cryptomining also has gained notoriety as a leading cyber threat in the marketplace, where malicious code seeks to steal computing resources to generate revenue via mining of cryptocurrencies. This form of attack is stealthy and difficult to detect, and the damage is not always obvious to those impacted. Once the malware is deployed, usually through standard attack methods (e.g. malicious links, script injecting), the malware goes to work in the background, usually without triggering any warnings. Sheer volume of computing resources used by financial services organisations makes them perfect targets for this type of malware attack.
Threat actors will also continue to use traditional methods and evolve these techniques to hit their targets, including advanced phishing and social engineering. Spear phishing attacks are becoming increasingly prevalent, where an attacker masquerades digital messages to target individuals, particularly senior executives.
Conclusion
Cybersecurity will continue to play a prominent role in financial services in the coming years and organisations will continue to be targeted by threat actors. Regulators’ increased focus on operational resilience will also demand that financial institutions tighten up their approach to cybersecurity. Most senior leadership teams now view it as a high priority. The level of cybersecurity spending suggests financial services firms are taking the risk seriously – which is positive to see – and are viewing cybersecurity as an enabler of business rather than as a financial burden.
By Hirun Tantirigama, associate director, security and privacy practice, Protiviti UK
