'No end' to rising cyber threat for financial services
Source: Asia Insurance Review | Apr 2022
The annual report of FS-ISAC on cyber threats for financial firms has said the same top three risks, as in 2021, would continue to dominate in 2022 as well, on the back of increasing digitalisation in the financial services sector.
Third-party risk, zero-day vulnerability exploits and ransomware will remain at the forefront of the cyber threats facing financial institutions in 2022.
FS-ISAC is the global cyber intelligence sharing community solely focused on financial services. The FS-ISAC annual global intelligence office report, Navigating Cyber 2022 has revealed that the rapid digitalisation of the financial services sector has led to an increase in global cyber threats in 2021, specifically the acceleration of high-profile cyber attacks targeting third-party suppliers and critical zero-day vulnerabilities. This led FS-ISAC to increase its regional cyber threat levels an unprecedented three times in 2021.
The report that covers inputs from 65 countries found that an increase in cyber threats against global financial services firms in 2021 was driven by attacks targeting third-party suppliers and zero-day vulnerabilities, with mounting ransomware a real problem.
“Many of the major cyber incidents in 2021 have third-party suppliers as the attack surface, zero-day vulnerabilities as the main infection vector and ransomware as the end threat. We see no end to these trends.”
The FS-ISAC report said it also anticipates an increase in nation-state cyber activity in 2022. FS-ISAC said the scale of cyber threats sparked an ‘unprecedented’ number of changes to regional cyber threat levels last year. The financial services firms reported high levels of phishing and business email compromise as the main entry points for cyber attacks.
FS-ISAC global head of intelligence Teresa Walsh said that 24% of cyber events reported by its members last year were tracked to phishing campaigns targeting employees. A