It is no news that the COVID-19 pandemic and the subsequent shift to work from home have inherently changed the way we function. However, this change has also led to a spike in attacks against financial institutions. BAE Systems Applied Intelligence published the COVID Crime Index 2021 report. It has analyzed the way work from home has impacted the financial sector.
Some stats your way
The research has been conducted on the basis of two surveys carried out with 902 organizations operating in the financial sector in the U.S. and the U.K.
- Insurers and banks witnessed a rise in botnet, phishing, and ransomware attacks by 35%; mobile malware by 32%; COVID-related malware by 30%; and insider threats by 29%.
- Financial losses have reached $720,000 due to online criminal activity alone.
- While 86% of banks and insurers believed that remote working diminished the security of their firms, 44% stated that their networks lack visibility.
Trends observed
- The pandemic has resulted in a gush of cybercrime and global financial institutions. Phishing is the most common initial vector.
- Nevertheless, COVID-themed scam emails didn’t attain the anticipated heights.
- Many organizations were forced to cut security budgets due to financial pressures brought by the pandemic. The survey found that IT security, fraud, cybercrime, and funding risks have seen a cut of 26% over the past 12 months.
Recent attacks on financial services
- Two phishing attacks were found aimed at JPMorgan Chase Bank customers. The attacks executed brand impersonation and social engineering tactics to steal login credentials.
- Lloyds Bank customers are being targeted via text message scams, informing them of a new payment scheduled by their accounts. However, this time, Britons are the specific targets.
- The Janeleiro banking trojan was spotted attacking corporates in Brazil. Along with the financial sector, the trojan attacked healthcare, retail, manufacturing, and engineering sectors.
The bottom line
Cybersecurity is ultimately a human issue whereas technology is just a platform and tool for attacks. With a dramatic alteration in the threat landscape, the attack surface has expanded with threat actors benefitting massively from it. Although there have been significant developments in the cybersecurity posture of financial institutions, there remains scope for improvement.
Source: https://cyware.com/news/work-from-home-cyberattacks-and-financial-organizations-an-undesirable-trend-209416fa