Financial Services risk: Cyber security concerns grow

Cyber security experts warned of a perfect storm for financial institutions as Covid-19 led to a rapid and largely
unplanned increase in homeworking and electronic trading and this soon materialized. Attacks against the financial
sector increased 238% globally from the beginning of February 2020 to the end of April, with some 80% of
financial institutions reporting an increase in cyberattacks, according to cyber security firm VMware [1].

Recent months have also seen a number of major global cyber-attacks. In December 2020, the Orion system
of information technology firm SolarWinds was compromised, affecting about 18,000 customers. In March 2021,
Microsoft revealed that hackers were exploiting ‘zero-day’ vulnerabilities in its Exchange Server mail and
calendar software to access company networks. The attacks see vulnerabilities in Microsoft Exchange servers
being exploited to allow malicious code to be placed on them which can be used for ransomware, espionage
or even misdirecting the system’s resources to mine for cryptocurrency on behalf of the criminals.

Financial services companies continue to be heavily targeted, and typically feature in the top five sectors
for severity and frequency of cyber-attacks, according to Thomas Kang, Head of Cyber, Tech and Media,
North America at AGCS: “These companies hold a lot of sensitive data on individuals, businesses and
governments. At the end of the day, it is where the money is.”

Cyber is an existential issue for financial institutions, which is why they invest heavily in cyber security, says
Kang. However, with such potentially high rewards, cyber criminals will also invest time and money into
attacking them. “Take the Carbanak and Cobalt malware campaigns, for example. These targeted [2] over
100 financial institutions in more than 40 countries over a five year period, stealing over $1bn,” Kang adds.



Click here to read more