Accenture Safety lists 5 different “excessive however believable menace situations in monetary providers” in a brand new report.
Monetary establishments have interdependent provide chains that supply a “broad, target-rich assault floor that adversaries can undermine,” a new report from Accenture warns. The agency listed it as the most recent safety pattern gaining significance.
The six threats recognized by Accenture are:
- Provide chains, which introduce more and more interconnected assault surfaces
- Credential and identification theft, which proceed to speed up
- Knowledge theft and information manipulation, which stem from new vulnerabilities and cybercriminal behaviors
- Rising applied sciences, particularly deepfakes and 5G, advance cyberthreats
- Harmful and disruptive malware assaults, which spur multiparty and cross-sector concentrating on
- Misinformation that’s shaking belief in retail and government-backed banks
Attackers have been conducting provide chain assaults for years, the Accenture report famous. “Nevertheless, provide chain threats to monetary establishments previously 12 months have primarily concerned expertise service suppliers (TSPs), together with managed service suppliers (MSPs) and cloud service suppliers (CSPs).”
Core monetary TSPs and IT service suppliers have been affected by ransomware incidents, which has disrupted providers for a few of their monetary establishment shoppers, the report mentioned.
The COVID-19 pandemic has quickly elevated the shift from an enterprise infrastructure to a digital and cloud surroundings to help distant workforces.
The agency is predicting that adversaries will exploit vulnerabilities throughout every of the core service classes of cloud—SaaS (software program as-a-service), PaaS (platform as-a-service), and IaaS (infrastructure as-a-service).
“These layers typically sit on prime of each other, chaining collectively probably weak environments supporting essential enterprise features,” the report mentioned. “Protections have to exist each inside every layer and holistically to thwart exploitation.”
As cloud proliferates, one of many greatest challenges to securing cloud platforms has been misconfigurations, Accenture mentioned.
For instance, a failure to deploy multifactor authentication (MFA) for all cloud providers and disable legacy providers menace actors can manipulate to bypass controls contributed to nearly all of cloud intrusions that the Accenture Cyber Investigation and Forensics Response (CIFR) crew responded to in 2019.
It’s probably this pattern will proceed; unprecedented utilization of PaaS, SaaS, and IaaS options as a result of COVID-19 pandemic foreshadow massive cloud breach disclosures sooner or later, the report said.
Credential and identification theft proceed to speed up
Credential and identification theft, compromise and abuse proceed to be cornerstones for focused assaults and fraud. As COVID-19 unfold throughout the globe, monetary establishments moved quickly to regulate their operations.
“Cybercriminals additionally moved swiftly to benefit from the expanded assault floor offered by way of largely distant workforces and wealthy feeding floor for fraud from the intensive authorities funding packages prolonged by way of monetary establishments to small companies in biggest want,” the report mentioned. “Credential-stealing malwares surged, together with cell malwares similar to EventBot19 and Cerberus, that are collectively able to stealing buyer credentials for greater than 200 monetary establishments.”
Knowledge theft and information manipulation
Menace actors have expanded their arsenal, combining information theft and information extortion throughout ransomware assaults. They understand that multi-pronged approaches towards companies assist to maintain ransomware as a profitable long-term strategy, the report said.
The idea of “naming and shaming” ransomware victims, coupled with threatening to launch stolen information makes the method of responding to ransomware infections more difficult, the report famous.
Rising applied sciences
As expertise quickly advances, cyber defenders and adversaries are all exploring use cutting-edge instruments. Specifically, malicious actors not too long ago used deepfake to extend the effectiveness of their campaigns, Accenture mentioned.
Additional, as monetary establishments proceed to fight enterprise e-mail compromise (BEC) and account takeover (ATO) assaults, they might want to observe the rising ways, strategies and procedures (TTPs) that adversaries could use to remain a step forward.
As fifth era cell networks are adopted, menace actors may also search to realize new benefits with 5G expertise.
“The alternatives for 5G in monetary providers abound. 5G will change into a general-purpose expertise for monetary providers organizations, offering new alternatives to create, retailer, and defend worth, to maneuver cash, and to entry credit score.”
One other rising menace comes from monetary expertise (FinTech) disruptors, which have quickly expanded to new markets, Accenture mentioned. This will increase “the extent of dependence the broader monetary sector has on these corporations to ship their core services and products. Sooner or later, it’s these areas on the periphery of economic establishments and markets, like FinTech, the place massive scale, disruptive assaults could originate.”
Disruptive and harmful malware assaults
The disruptive and harmful influence upon monetary establishments is a noteworthy current change in ransomware assaults, the report said. Two UK-based organizations, integral to world monetary organizations, had been affected by ransomware in December 2019 and March 2020, respectively.
One was a overseas trade market chief and the opposite a monetary providers TSP, in line with Accenture. Each needed to take programs offline following the cyberattacks, which left providers disrupted for his or her world banking shoppers, the report mentioned.
“As third events fall sufferer to focused malware campaigns, actors are more likely to have a rising destructive influence on the provision of some banking and insurance coverage providers on a world scale.”
Disinformation and misinformation just isn’t solely a menace to efforts to handle COVID19, but it surely additionally impacts the monetary sector. A number of US entities, together with the Nasdaq, the Securities and Trade Fee (SEC), and FINRA have warned of spikes in market manipulation within the wake of the COVID-19 pandemic, in line with the report.
In mild of evolving threats and adversaries, safety leaders have a chance to reimagine their technique and applied sciences from the bottom up, the report mentioned.
“Safety leaders are in pole place to behave as choice makers and key influencers to assist their establishments to be secure and safe and information individuals to adapt to new methods of working that enhance safety in the long run,” Accenture mentioned. “By adopting the attributes of adaptive safety, safety leaders can put the fitting controls in place to create a working surroundings that builds resilience.”