Cybercrime groups keep up with their diligent efforts to infiltrate financial institutions and the trend has refused to change in 2018, as they adopted new techniques and expanded their areas of attack to a more extensive geography.
Here’s a recap of 2018:
- With the arrest of cyber criminals likeCarbanak/Cobalt andFin7, among others in 2018, some companies and financial institutions around the world expected a cessation in activities. But, it only seems to have split these groups into smaller cells, each with its own life.
- Attempts were made on banks, fintech companies, crypto-exchanges, PoS terminals, ATMs, and in terms of geography, covered dozens of countries, located in Asia, Africa and Latin America.
- Of these, young fintech companies and crypto-exchanges are at a higher risk, as their security systems are expected to be immature.
- Cryptocurrency traders were targeted using a special seemingly legitimate software which brought a malicious update to create a backdoor.
- The MageCart group accessed a lot of payment card data, by infecting website payment pages (including that of British Airways) by using the vulnerabilities in Magento, a popular platform used by online sellers.
- ATM malware is expanding and growing bigger with about 20 known families in operation currently.
- Attacks were made on banking systems, supply chains, popular news sites, forums, the financial departments of large industrial companies, where payments of hundreds of thousands of dollars would not ring any alarm bells.
- Most such attacks are ending with the attackers installing remote administration tools on infected computers such as RMS, TeamViewer, and VNC.
- New users of internet banking over mobile were specifically targeted.
- They attempted to target biometric data for theft and fraudulent use.
We are sure that these fragmented cybercrime groups will prove more active than ever, in their efforts to attack financial institutions by intensifying their attacks. The number of potential victims and their geographies is also expected to increase, given the growth in the number of groups and their ability to increase both the quality and scale of their activities. With the emergence of new local groups attacking financial institutions in the Indo-Pakistan region, South-East Asia and Central Europe.
Threat perceptions for 2019
Based on careful consideration and extensive research, we can say that the threat is highest for financial institutions, not only because they hold the money but also because of the sophisticated methods available to cybercriminals at this time:
- Attacks on software providers can also allow attackers to gain access to several major targets. If they are not careful, small companies supplying specialized financial services for larger players will be jeopardized first, such as the suppliers of money transfer systems, banks and exchanges.
- Cybercrime is also focusing on systems which accept online payments. Even as PoS terminals escape much threat, online payment platforms, bank cards without chips and bank transactions made without two-factor authorizations will face risks.
- Financial institutions can expect data breaches using physical devices connected to their internal networks, which brings home the need to establish better control over all devices in a network.
- Businesses using mobile applications can be breached at the Web API level or through the supply chain, becoming another easily monetizable target when compared to attacking individuals.
- Apart from phishing attacks and ransomware scams, we can expect blackmail via social media, customer data breaches, infrastructure which hosts applications through SQL injection, cross-site scripting and other methods as well as critical infrastructure providers in sectors like energy, finance and defense.
- Advanced social engineering campaigns use no malware, but target internal employees in charge of wire transfers in another effective way to defraud companies and financial institutions. Such attacks are made possible by data previously breached, which supplies the criminals with enough background information on business partners and directors, to appear totally legitimate and believable when they ask for the wire transfer of huge sums of money.
It is estimated that criminally-minded data breaches, thefts, IP thefts, fraud, stolen money, human failure and the ensuing need for forensic investigations, system restorations, lost productivity and custom along with reputational damage could all cost upwards of 6 trillion dollars by the year 2021.
