Robbing a bank used to involve a mask, a gun and a fast car, but these days it’s more likely to be done via the safer and no less lucrative means of a cyberattack.
A new report from cloud security specialist Carbon Black, based on responses from CISOs at 40 major financial institutions — including six of the top 10 global banks — seeks to better understand the attack landscape.
Among the findings is that 90 percent of financial institutions report being the subject of a ransomware attack in 2017. In addition, one in 10 respondents report encountering destructive attacks unrelated to ransomware, such as application attacks and fileless malware. These potentially enable cybercriminals to move freely and laterally within an organization’s network and often go completely overlooked until it’s too late.
Attackers are also using non-malware attack methods. PowerShell (89 percent), Windows Management Instrumentation (59 percent) and Secure File Transfer Protocol (28 percent) are the top three ‘good tools’ attackers have used to target financial institutions. Non-malware attacks account for half of successful breaches.
“Cyber defense is evolving into a high-stakes game of digital chess, and this latest report offers clear evidence that the cybersecurity challenges facing financial institutions will only worsen,” says Carbon Black’s chief cybersecurity officer, Tom Kellermann, writing on the company’s blog. “Taking a more proactive approach to defense through the establishment of a threat hunting and incident response team is imperative to stopping future attacks.”
In response to the changing nature of attacks, 37 percent of respondents say they have established threat hunting teams. There is concern about the security of technology partners too, with 44 percent of financial institution CISOs saying they are concerned with the security posture of their Technology Service Providers (TSPs).