Cybersecurity trends and challenges in the financial industry
Cybersecurity trends and challenges in the financial industry
Lourdes Mora, Intelligence Analysts Team Leader at S21Sec
Reflecting the fast technology growth, in recent years online banking services have gained more weight, becoming a vital part of the financial ecosystem by integrating a wide range of utilities, from real-time payments to requesting advice online. All this has led to the financial industry becoming an attractive target for cybercriminals, who have diversified attack techniques to carry out cyberattacks against major financial institutions, such as the one that took place in February 2024 against the International Monetary Fund (IMF).
Faced with an increasingly complex threat landscape, banking organizations are redefining their security strategies to adapt to a new digital environment, adopting a higher level of protection to protect the financial assets and sensitive information of millions of citizens.
Cybersecurity Ecosystem in the Financial Sector
The frequency of attacks against the financial industry is growing every day, with the emergence of more sophisticated and clearly targeted threats being observed. In 2024, there has been a significant increase in the activity of banking Trojans, such as Casbaneiro, Grandoreiro, Coyote and Chavecloak, which employ advanced infiltration and evasion techniques to steal banking credentials and financial data, according to the latest semi-annual 'Threat Landscape Report' by Europe's leading cybersecurity company S21Sec, a Thales Group entity.
Through these advanced Trojans, scams, cryptocurrency thefts and malwares that prompt the victim to click on a link or open a malicious attachment, cybercriminals use different tactics to obtain sensitive information from users, taking advantage of social engineering to achieve their goals, highlighting ransomware attacks. Attackers not only encrypt or transform data from a readable format to an encrypted one, but also extort the victim with exorbitant payments for the release of the information. In addition, this type of malware has evolved to include double extortion techniques, threatening to publish the information if payment is not made.
With the growing popularity of cryptocurrency exchange platforms, attackers have continued to develop new ways to compromise digital wallets, critical points that are also known as wallets. Among the tactics used in 2024 against the cryptocurrency market is the “CryptoChameleon” phishing attack, which clones login pages and uses emails, SMS, and phone calls to harvest user credentials thanks to its high personalization.
In addition, with Artificial Intelligence (AI), cybercriminals have increased the effectiveness and scope of these attacks, through the cloning of voices in automated phone calls, known as vishing. In addition, other types of scams that represent a growing challenge for the financial sector include phishing through text messages (smishing) and the use of fake QR codes to direct victims to malicious websites (Qrishing), among others.
How to improve cybersecurity in the financial sector?
The growing popularity of the use of mobile banking apps and cryptocurrency investment platforms requires a higher degree of security to ensure the confidentiality of user information. Among some tips to apply to reduce the risk of our financial data being subject to theft, it is essential to apply preventive measures to avoid possible leaks of sensitive information.
Therefore, it is essential to manage credentials correctly to protect access to online accounts through the use of strong and unique passwords for each account, avoiding sharing these keys with other users, as well as updating them periodically. In addition, among other basic concepts of cyber hygiene, it is recommended to log out of accounts on all devices and activate the two-factor authentication to generate a temporary code to verify your identity. And, in case of accessing them through a browser, you should proceed to delete the cookies so that the session data is not stored in them.
Another risk vector is the receipt of SMS and e-mails that encourage the victim to click on a link or open a malicious attachment. To avoid these phishing attacks, users should only access notifications from official financial authorities, ignoring any malicious links they may receive from third parties.
To counter this threat, cybersecurity measures are required to build a more protected financial landscape with a higher level of robustness in cybersecurity measures. Therefore, it is necessary to invest in monitoring capabilities and services managed by Security Operations Services (SOC), where solutions that counter threats such as malware are implemented. All this must be complemented by the promotion of a strengthened cybersecurity environment from which people are made aware of cyber risks, providing them with tools to protect their financial assets against social engineering techniques or the exploitation of vulnerabilities carried out by cybercriminal organizations.
