“Life in the SOC” is a Blog Series that shares experiences of the BlueVoyant SOC defending against the current and prevalent attacks encountered by our clients. The blogs discuss successful detection, response and mitigation actions that can improve your defensive capabilities.
The novel coronavirus has had a wide impact on multiple industries. As organizations globally try to figure out how to operate in the new normal, the financial sector continues to be a prime target. Cyber criminals are positioning themselves to take advantage of the increased attack surface and the growing confusion among netizens.
Attacks on banks and other financial institutions have increased an astounding 238% since the start of the global pandemic. Cyber criminals are quick to ride the coattails of various movements, initiatives, and programs to conduct massive campaigns. Threat actors are using fake COVID tracking apps, promises of information on the global pandemic, support to the Black Lives Matter movement, and more - all while a greater part of the workforce is working remotely.
Adding to security risks, consumers are using online digital financial services more than ever before. The FBI appears to be putting the onus of protecting those customers on the financial institutions. The FBI stated that with so many newcomers to mobile banking, financial institutions need to protect customers from unwittingly downloading malicious applications. Furthermore, the FBI noted a 50% increase in mobile banking use since the outbreak of the pandemic and stated, “As the public increases its use of mobile banking apps, partially due to increased time at home, the FBI anticipates cyber actors will exploit these platforms.”
In the US alone, more than 45% have changed the way they bank due to the COVID crisis. Based on a European customer survey by McKinsey, there has been a 20% increase in digital engagement levels, to go along with a significant decrease in the use of cash. According to A. Selemonaitė, Deputy CEO at Connectpay, this shift to online will remain even after the coronavirus pandemic, further accelerating digital market development.
Compounding matters, several recent ransomware campaigns are taking advantage of US remote workers. They rely on more lax security measures. But, according to a report released by Recorded Future, ransomware attacks against US financial institutions are actually down, due to better security posture and organizational leadership taking security seriously.
Ransomware attacks against financial institutions outside the US have shown a notable rise over the past few months. Recorded Future catalogued more than 200 publicly reported ransomware attacks against banking and financial institutions outside of the United States between April 2019 and April 2020. During the same period, there were just over 40 publicly reported ransomware attacks against financial institutions in the United States.