Ransomware considered top threat to financial sector

Securing supply chains and cloud-related challenges are the highest priorities for organizations working in financial services.

Helsinki, Finland – March 10, 2022: The potential financial, operational, and reputational impact of ransomware make it the top threat facing financial services organizations, according to a new report from cyber security provider F-Secure.

Phishing, exposed remote desktop protocol (RDP) ports, and the exploitation of vulnerable software, are called out as the three most common principal intrusion vectors for ransomware. The report also notes that the scale and sophistication of ransomware attacks have increased in the last two years.

And while the report forecasts that ransomware will remain a predominant threat for at least the next 12 months, it also highlights defensive strategies that can help reduce the impact of ransomware attacks.

“Financial service organizations that understand their IT estates, what opportunities they have to detect attacks, and what risks and threats are facing their industry, can prepare themselves to mitigate most of the damages caused by the kind of ransomware attacks we see today,” said F-Secure Global Head of Incident Response Joani Green. “Detecting attacks is obviously the first step, but organizations that prepare a full plan for responding to ransomware can put a stop to these incidents in a matter of hours instead of days or weeks.”

Even though financial services organizations consider ransomware to be the top threat, the report found that supply chains and cloud security were key areas of concern. The report lists several reasons justifying organizations’ concerns with these areas but identifies the spread of capabilities from nation-state threats to cyber criminals as a common development for both.

“If you look at the threat landscape as a whole, tactics, techniques, and procedures trickle down from the highly-skilled, well-resourced nation-state attackers to professional cyber criminals. That’s why cloud security and supply chain attacks are the financial sector’s biggest concerns. Ransomware attacks are viewed by many in the sector as today’s biggest threat to operational resilience, but we can already see the signs that attacks against these other areas will become more important in the months and years ahead,” said F-Secure Head of Threat Intelligence Callum Roxan.

Callum Roxan

Other findings discussed in the report include:

  • Financial services organizations are struggling to manage vulnerabilities in their infrastructure. The exploitation of vulnerabilities is a key vector in many high-impact intrusions by both state-sponsored threat actors and cyber criminals.
  • Technologies such as SWIFT, Open Banking, and ATMs present an ongoing risk to financial organizations as offensive techniques deployed against these technologies evolve. Financially motivated state-backed groups continue to conduct ATM cashouts, fraudulent abuse of compromised bank-operated SWIFT system endpoints, and cryptocurrency theft.
  • Cryptocurrency related attacks have increased, making it important for central banks to secure digital currency infrastructure (particularly as they increase their cryptocurrency holdings and roll out their own digital currencies).

The full report is available for download at https://www.f-secure.com/en/business/resources/financial-services-threat-landscape/publication.

About F-Secure

Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | linkedin.com/f-secure

F-Secure media relations

Adam Pilkey

PR Content Manager

+358 40 637 8859
adam.pilkey@f-secure.com

Press list

Sign up for media information from F-Secure.

We process the personal data you share with us in accordance with our Corporate Business Privacy Policy.

Press archive

By year

Browse through our news by year.

By category

Browse through our news by category.