Financial services is among the industries that have been the heaviest hit by cybercrime — from the heyday of the Zeus and other banking trojans to Distributed Denial-of-Service (DDoS) attacks, modern phishing attacks, and ransomware. FinServ is a vital sector that plays a major role not only in the lives of people, but also in the global economy. Any disruption or downtime of financial services carries serious implications, and the sensitive data these organizations hold can be turned into a valuable commodity. Attackers, therefore, see FinServ as a lucrative target and levy a wide range of attacks against them, from newly discovered zero-day vulnerabilities to tried-and-true phishing attacks.
It’s no secret, then, that attackers are highly focused and motivated to attack the FinServ industry. Traditionally, the Financial Services State of the Internet (SOTI) report has picked a topic like phishing or fraud, but this time we have taken a much broader approach and cover a number of issues affecting this often attacked industry.
This broader lens has allowed us to see the immense surge in the number of attacks on the financial services industry, and the alarming speed at which attackers are leveraging newly discovered zero-day vulnerabilities. Customers of FinServ aren’t spared either, with a large portion of attackers choosing to forgo attacks on one of the most secure industries in the world, and instead attack their consumers en masse. With this enemy standing at the gate, it is important for FinServ security professionals to understand how the threat landscape is shifting.