Majority of banks paid ransom for cyberattacks last year
Cloud computing company VMware says its most recent report has found a drastic increase of destructive cyberattacks, with 74% of businesses interviewed experiencing one or more ransomware attacks in the last year.
Its report, 2022 Modern Bank Heist, is an annual look into the experiences of top financial and security leaders regarding cybercriminal cartels and offers insights on the shift of defensive methods.
VMware says financial institutions are falling victim to ransomware more often than in past years as sophisticated cybercrime cartels evolve beyond wire transfer fraud to target market strategies, take over brokerage accounts and island hop into banks.
The report found that 63% of financial institutions admitted experiencing an increase in destructive attacks, with cybercriminals leveraging this method to burn evidence as part of a counter incident response.
Additionally, 63% paid the ransom for cyberattacks. When asked about the nation-state actors behind this criminal activity, most financial instructions stated Russia posed the greatest concern as geopolitical tension continues to escalate in cyberspace.
Other findings include 60% of financial institutions experiencing an increase in island hopping, a 58% increase from last year. The increase represents a new era of conspiracy, where hijacking the digital transformation of a financial institution via island hopping to attack its constituents, has become the ultimate attack outcome.
Meanwhile, 67% of financial institutions observed the manipulation of time stamps, an attack called Chronos named after the god of time in Greek mythology.
Former assistant director of the U.S. Secret Service Jeremy Sheridan says he has seen an evolution in complex cyber-enabled fraud in his investigative capacity to protect U.S. financial payment systems and infrastructure.
"There are a variety of reasons for the opportunities, motives, methods, and means related to criminal activity. At the forefront is the swelling profitability of these crimes which, of course, motivates criminal actors.," he says.
"The persistent, inadequate security of systems connected to the internet provides opportunity and methodology."
The security of cryptocurrency exchanges is also top of mind for financial institutions, concerning 83% of them. VMware says the advantage of targeting cryptocurrency exchanges for cybercriminals is that successful attacks can be immediately and directly turned into cyber cash.
In this kind of climate, the majority of financial institutions plan to increase their budget by 20-30% this year, the top priorities including extended detection and response (XDR), workload security, and mobile security.
"The proliferation of digital money payment systems has created a global, instantaneous, and pseudo-anonymous means to facilitate their actions. All of these factors have facilitated the maturation of a cybercriminal ecosystem that has not been sufficiently suppressed," says Sheridan.
VMware principal cybersecurity strategist Rick McElroy says consumers often treat cryptocurrencies as if they aren't real currencies.
"People trust exchanges that are new to the game even though they aren't providing adequate protection to their currency or even their own admin accounts," he says.
"In a crypto-based world, consumers should assume a certain level of responsibility in the protection of their cryptocurrency. There are no assurances that cybercriminals won't target the exchanges, the warm wallets or cold storage. Assume wherever the money is, there will also be criminals trying to steal it."
VMware conducted the online survey in February 2022 about evolving cybersecurity threats facing financial institutions with 130 financial sector CISOs and security leaders worldwide.
The survey received responses from North America, Europe, Asia Pacific, Central and South America and Africa.