Cybersecurity and managed security services provider, Trustwave, has revealed the biggest cyber threats facing financial services organisations after its latest research.
The Trustwave report, ‘2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies‘, explores the specific threats and risks the financial services industry faces, along with practical insights and mitigations to strengthen defences.
Trustwave SpiderLabs is the company’s team of ethical hackers, security and penetration testers, incident responders, forensic investigators, malware reversers, and security researchers. In its new research, Trustwave SpiderLabs documents the attack flow utilised by threat groups, exposing their tactics, techniques, and procedures. From email-borne malicious attachments to abuse of valid accounts, these persistent threats pose significant risks to the financial services sector.
Financial services organisations are attractive targets because of the elevated potential for monetary gain. Serving as repositories of wealth, this sector is flush with lucrative opportunities for cybercriminals, who exploit them for financial gains through extortion, theft, and fraud.
In addition to the money itself, the financial services sector stores large volumes of sensitive data, including customer information, financial records, and intellectual property.
Kory Daniels, CISO of Trustwave, explained the importance of its research efforts for the financial sector: “Cybersecurity is the foundation of trust in the financial services industry.
“For financial institutions, it isn’t just about protecting data, it’s also about safeguarding the financial well-being and peace of mind of customers.
“Our latest threat briefing is a valuable resource for security leaders within the financial services sector, providing a comprehensive view of the threats observed by our SpiderLabs team, along with specific mitigation strategies to help organisations protect extremely sensitive data and assets.”
The dangers of generative AI
Generative artificial intelligence (AI) has recently dominated attention thanks to significant advancements. Much of the ‘hype’ surrounding generative AI can be attributed to the popularity of OpenAI’s ChatGPT.
While many have recognised the possibilities this represents for increasing productivity in the workplace, Trustwave also reveals that fraudsters are making use of the technology to ensure their methods see more success.
One example of this is the use of AI to make the crafting of phishing emails even easier, more compelling, highly personalised, and harder to detect. In the past, phishing emails have generally been easy to identify via the likes of spelling and grammatical errors. However, the danger that AI presents is that phishing emails will, and in many cases already have, become more sophisticated and harbour fewer errors for potential victims to pick up on.
Other key findings
The Trustwave SpiderLabs report analyses threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. It found that the Clop threat group accounted for 39 per cent of ransomware incidents targeting the financial services sector.
Meanwhile, it also discovered that a majority of the targeted financial services companies reporting a breach are from the US (51 per cent) with India (nine per cent), and Russia/Mexico (seven per cent) coming in second and third, respectively.
When looking at which methods are most prevalent amongst fraudsters, Trustwave also found that HTML attachments make up 78 per cent of the file types used for email-borne malware attachments. Thirty-three per cent of these HTML files employ obfuscation as a means of defence evasion.