03/06/2022 08:19
The financial sector and that of commercial and professional services were among the illustrious victims of cyber criminals in 2021, as highlighted by the latest ‘M-Trends Report 2022’ of …
The financial sector and that of commercial and professional services were among the illustrious victims of cybercriminals in 2021, as highlighted by the latest ‘M-Trends Report 2022‘ from Mandiant.
From ransomware to zero-day exploits: how hackers strike
But how do hackers move? Their goals seem to have changed in recent years, and ransomware attacks are now being used more frequently in the financial sector. During these attacks, the hackers, after gaining access to the victim’s network, encrypt their data and take them “hostage”. Subsequently, the victims receive a ransom note. In the past, these were often the result of “malware spamming”, ie through a mass distribution of malware, but now a new trend is taking hold: ransomware attacks are prepared for months, they are targeted, and victims are carefully selected.
The research shows that in addition to ransomware, there are other techniques to target the financial sector: including zero-day exploits, that is, those vulnerabilities in terms of security that companies are not aware of due to the fact that not even the manufacturer of the vulnerable software does it. was.
Attacks on the supply chain are among the most recent trends. The increasing specialization of attackers and the amalgamation of individual hacker groups with different skills have opened up new opportunities for them. Instead of directly attacking a bank, they infiltrate a company whose software or service provider is used by as many lenders as possible. The hacker thus compromises many other institutions through the supply chain. “It could be said that instead of obtaining the key to a single apartment, hackers steal a passe-partout valid for an entire condominium,” explains the report which then focuses on web skimming activities. In the latter case, the hackers’ ‘job’ is to take customer payment data from online shops or payment sites to steal their money.
Even cryptocurrency theft is increasingly in the eye of the storm for hackers for two reasons: it allows you to get rich and at the same time take advantage of the complexity in tracking cryptocurrencies to launder money. The victims of these thefts are not only the owners of Bitcoin and Ethereum but also their institutions.
How to defend yourself
According to Mandiant, when it comes to defending against cyber attacks, whether it be spying or ransomware, the more you know the attackers’ strategies, the more effectively you can repel them. Thus, a systematic risk assessment of the banks’ IT infrastructure is necessary and the subsequent selection and installation of specific security solutions to counteract the phases of attacks where there was less visibility and mitigation possibilities.
“Being aware of how hacker groups operate allows cyber security specialists to more effectively protect banks from cyber threats and thus safeguard their systems”, concludes Gabriele Zanoni, Mandiant’s consulting country manager. “The collaboration with external experts on Incident Response and Threat Intelligence issues allows the security managers of credit institutions to take advantage of the most up-to-date know-how to counter the most sophisticated cyber threats”.