Increasing Chances of Cyber Attacks threaten the Financial Industry in 2019

Cybercrime groups keep up with their diligent efforts to infiltrate financial institutions and the trend has refused to change in 2018, as they adopted new techniques and expanded their areas of attack to a more extensive geography.

Here’s a recap of 2018:

  • With the arrest of cyber criminals likeCarbanak/Cobalt andFin7, among others in 2018, some companies and financial institutions around the world expected a cessation in activities. But, it only seems to have split these groups into smaller cells, each with its own life.
  • Attempts were made on banks, fintech companies, crypto-exchanges, PoS terminals, ATMs, and in terms of geography, covered dozens of countries, located in Asia, Africa and Latin America.
  • Of these, young fintech companies and crypto-exchanges are at a higher risk, as their security systems are expected to be immature.
  • Cryptocurrency traders were targeted using a special seemingly legitimate software which brought a malicious update to create a backdoor.
  • The MageCart group accessed a lot of payment card data, by infecting website payment pages (including that of British Airways) by using the vulnerabilities in Magento, a popular platform used by online sellers.
  • ATM malware is expanding and growing bigger with about 20 known families in operation currently.
  • Attacks were made on banking systems, supply chains, popular news sites, forums, the financial departments of large industrial companies, where payments of hundreds of thousands of dollars would not ring any alarm bells.
  • Most such attacks are ending with the attackers installing remote administration tools on infected computers such as RMS, TeamViewer, and VNC.
  • New users of internet banking over mobile were specifically targeted.
  • They attempted to target biometric data for theft and fraudulent use.

We are sure that these fragmented cybercrime groups will prove more active than ever, in their efforts to attack financial institutions by intensifying their attacks. The number of potential victims and their geographies is also expected to increase, given the growth in the number of groups and their ability to increase both the quality and scale of their activities. With the emergence of new local groups attacking financial institutions in the Indo-Pakistan region, South-East Asia and Central Europe.

Threat perceptions for 2019

Based on careful consideration and extensive research, we can say that the threat is highest for financial institutions, not only because they hold the money but also because of the sophisticated methods available to cybercriminals at this time:

  • Attacks on software providers can also allow attackers to gain access to several major targets. If they are not careful, small companies supplying specialized financial services for larger players will be jeopardized first, such as the suppliers of money transfer systems, banks and exchanges.
  • Cybercrime is also focusing on systems which accept online payments. Even as PoS terminals escape much threat, online payment platforms, bank cards without chips and bank transactions made without two-factor authorizations will face risks.
  • Financial institutions can expect data breaches using physical devices connected to their internal networks, which brings home the need to establish better control over all devices in a network.
  • Businesses using mobile applications can be breached at the Web API level or through the supply chain, becoming another easily monetizable target when compared to attacking individuals.
  • Apart from phishing attacks and ransomware scams, we can expect blackmail via social media, customer data breaches, infrastructure which hosts applications through SQL injection, cross-site scripting and other methods as well as critical infrastructure providers in sectors like energy, finance and defense.
  • Advanced social engineering campaigns use no malware, but target internal employees in charge of wire transfers in another effective way to defraud companies and financial institutions. Such attacks are made possible by data previously breached, which supplies the criminals with enough background information on business partners and directors, to appear totally legitimate and believable when they ask for the wire transfer of huge sums of money.

It is estimated that criminally-minded data breaches, thefts, IP thefts, fraud, stolen money, human failure and the ensuing need for forensic investigations, system restorations, lost productivity and custom along with reputational damage could all cost upwards of 6 trillion dollars by the year 2021.

Learn More about Encora

We are the software development company fiercely committed and uniquely equipped to enable companies to do what they can’t do now.

Learn More

Global Delivery

READ MORE

Careers

READ MORE

Industries

READ MORE

Related Insights

Enabling Transformation in Hospitality through Technology-Led Innovation

As the exclusive sponsor of the 2024 Hotel Visionary Awards, we support organizations leading ...

Read More

Key Insights from HLTH 2024: The Future of Patient-Centered Healthcare

Discover key insights from HLTH 2024 on digital health, AI in diagnostics, data interoperability, ...

Read More

Data-Driven Engineering: Transforming Operations and Products from Insight to Impact

Discover how data-driven engineering transforms operations and product development, enhancing team ...

Read More
Previous Previous
Next

Accelerate Your Path
to Market Leadership 

Encora logo

Santa Clara, CA

+1 669-236-2674

letstalk@encora.com

Innovation Acceleration

Speak With an Expert

Encora logo

Santa Clara, CA

+1 (480) 991 3635

letstalk@encora.com

Innovation Acceleration