SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Blockchain
#
Breach Prevention

Trustwave highlights critical cyber threats to financial services

Wed, 11th Sep 2024
Author image
By Imee Dequito, Editor

Trustwave has released a series of reports detailing the threats facing the financial services sector.

This marks the second year of its ongoing research into critical security issues within the industry.

Trustwave SpiderLabs, the research arm of Trustwave, has highlighted several significant trends affecting the financial services sector. These include issues relating to cryptocurrency and ransomware. The reports provide an overview of threat actor techniques by attack stage and underscore unique factors pertinent to financial services.

The cybersecurity firm has also produced two detailed write-ups on specific threats: phishing-as-a-service and insider threats. Recent research by the Ponemon Institute has identified malicious insiders as the costliest type of data breach, followed by phishing, which is not only the second most expensive type but also the most prevalent.

“Digital trust is paramount for financial services to effectively operate in a hyper-competitive market, and the attack surface has never been more challenging with the size and the diversity of the data,” said Kory Daniels, Chief Information and Security Officer at Trustwave.

Daniels further added, “Our latest series of threat briefings highlight the urgent risks of insider threats and phishing-as-a-service attacks, offering vital insights and actionable strategies to help organisations defend their most sensitive data and assets. This resource is essential for business leaders and cyber defenders striving to stay ahead in an evolving threat landscape.”

Financial services organisations are particularly attractive to cybercriminals due to their wealth of sensitive financial data and substantial funds. The sector also contends with a unique cybersecurity landscape influenced by expanded regulatory requirements, heightened risk aversion, and consumer protection considerations.

Trustwave SpiderLabs' 2024 research series includes the following reports: the 2024 Trustwave Risk Radar Report: Financial Services, the 2024 Financial Services Deep Dive on Phishing-as-a-Service, and the 2024 Financial Services Deep Dive on Insider Threat.

Key findings from Trustwave SpiderLabs’ financial services research series include:

  • 24 per cent of ransomware attacks against the financial sector were attributed to ALPHV
  • 49 per cent of attacks against financial institutions originated from phishing
  • 20 per cent of ransomware attacks in the sector were targeted at banking institutions
  • 65 per cent of ransomware attacks targeting financial services occurred in the United States
  • 37 per cent of phishing emails in the industry contained HTML attachments
  • 73 per cent of credential access techniques were brute-force attempts

In 2023, Trustwave released its first Financial Services Threat Intelligence Briefing, which analysed the attack flow specific to the financial services sector. It offered insights on specific threat actors, actionable intelligence, and recommended mitigations for each stage.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Australia's new labour law complicates cybersecurity efforts
Entro Security report reveals critical risks in managing NHIs
Sophos report reveals education sector's ransomware battle
HackerOne launches free tier for vulnerability disclosure program
National Missing Persons Hackathon unites 700 cyber experts
Top stories
Lenovo & SentinelOne team up to boost global PC security
Exclusive: Tiger Brokers expands reach with university partnerships
Titan of Tech - Jason Oeltjen of Ping Identity
What cyber lessons can be learned from the Paris Olympics?
ColorTokens acquires PureID to enhance Xshield capabilities