Digital innovation continues to accelerate, but modernisation also offers a fertile breeding ground for cybercriminals. According to IBM’s 2023
Cost of a Data Breach Report, surveying cybercrime across 16 countries, the financial sector comes in second in the global cyberincident damage statistics.
More gravely, the average cost of a cyberattack is highest among financial institutions compared to other institutions, with organisations incurring losses of almost USD $5.9 million per incident.
In this article, we’ll discuss the most common cyberattacks threatening the financial sector, the impact of attacks on financial institutions and banks, as well as the biggest cyberbreaches over the past year.
What cyberattacks pose the biggest risk to financial institutions?
Globally, the biggest cyberthreat to financial institutions continues to be malware, with ransomware specifically making up 63% of attacks in 2023, compared to only 18% in the previous year.
Source:
PTSecurity
Other than ransomware, the following malware types have posed the biggest threat to financial institutions over the last year:
- Loaders
- Remote control trojans
- Spyware
- Banking trojans
- Data wiping malware
Yet 2023 saw a shift in the way malware was delivered. While social engineering attacks decreased (from 47% to 25%), incidents exploiting software vulnerabilities increased significantly. Another attack type that is on the rise are supply chain attacks,
where cybercriminals exploit vulnerabilities in an organisation’s supply chain in order to spread malware across several businesses.
How much impact does a cyberattack have on organisations?
Globally, the average cost of a cyberbreach rose by 2.3% too USD 4.45 million according to the IBM report, with financial institutions incurring even higher losses of around USD $5.9 per incident. Even more jarring, the report found that it took organisations
an average of 207 to identify a breach and another 73 days to contain it.
In terms of locality, the US is the region with the highest average cost of a data breach (USD $9.48 million), while the UK dropped out of the top five most affected regions in 2023 after a 16% drop in average cost to USD $4.21 million.
Additionally, smaller businesses were experiencing considerably higher data breach costs in 2023 compared to 2022. Due to the high cost of a cyberattack, the majority of organisations (independent of size) indicated that data breaches have led them to increase
the prices of services and products, passing the cost on to the consumers.
Source:
PTSecurity
What were the biggest cyberbreaches in 2023?
LockBit ransomware attack on BSI
In May 2023, the
LockBit ransomware group launched an attack on one of Indonesia’s largest banks, BSI. The bank refused to pay the USD $20 million ransom requested, so the attackers leaked over 1.5 TB of the bank's confidential data online, including personal and financial
information of circa 15 million customers and employees.
ICBC ransomware attack
Exploiting vulnerabilities in the tech stack of the US arm of
Industrial and Commercial Bank of China (ICBC) enabled attackers to launch a ransomware attack that temporarily disrupted trading in US Treasuries in November 2023. ICBC is reported to have paid the ransom in order to re-gain access to its full tech stack.
MOVEit file transfer application vulnerabilities
In the first half of 2023, a group of cybercriminals was actively exploiting a zero-day vulnerability in the secure data transfer application
MOVEit Transfer. Several organisations using the application suffered data breaches as a result, and a new patch update was made available in June 2023.
Open-source software supply chain attacks
In spring 2023, application security company
Checkmarx identified a string of open-source software attacks that specifically targeted the banking sector. Using advanced techniques and deceptive tactics, the cybercriminals exploited legitimate services for to deliver malicious open-source packages.
Checkmarx warns that industry-wide collaboration is essential to strengthen defenses against these attacks, because current controls and measures often fall short in preventing breaches.