Financial services firms have become the primary target of cyber criminals during the pandemic, according to a report in The Banker.
The surge in homeworking during the pandemic has increased the exposure financial firms have to cyber risk. Of all cyber incidents at financial services firms, 40 per cent are malicious, according to the report.
“The threat posed by cyber attacks to the financial sector has never been greater and Covid-19 has made this cat-and-mouse game even more difficult,” Brett Lancaster, head of the customer security programme at Swift, told The Banker.
“Staff have been staying away from their secure office environments and working remotely, mostly from home and organisations have had to accept additional security risks. Meanwhile, cyber criminals are adapting their methods to include spear phishing campaigns, account impersonation and takeovers of remote onboarding and meetings, creating new challenges.”
One type of attack that has become particular to financial services is known as a “zero-day exploit”, which is an attack against a software or hardware vulnerability that has been discovered but not publicly disclosed.
A zero-day exploit can see customers and vendors of IT assets also attacked with no predefined detection signatures or remedial patches available. The BIS said the situation is exacerbated by commercial firms conducting research to sell zero-day exploits on the open market, the report said.
Another type of cyber attack, which has been used against all types of companies for some years, involves a distributed denial of service where servers are flooded with traffic to exhaust bandwidth. The attacker then demands a ransom from the firm to avoid future attacks.
Lancaster explained that the situation prompted the European Central Bank to establish the Euro Cyber Resilience Board for pan-European Financial Infrastructures information sharing working group, chaired by Swift. He said it was the first time that major financial infrastructures, Europol and the European Union Agency for Cybersecurity have jointly taken steps to share cyber threat information across major European infrastructures.