Financial Sector Among Top Targets for Cyberattacks in H1 2024

News Desk -

Share

Positive Technologies has revealed that the financial industry remains a prime target for cybercriminals, ranking among the top five sectors for recorded incidents in H1 2024. Social engineering attacks surged during this period, more than doubling compared to H1 2023, while malware continued to dominate as the primary weapon of choice for attackers. Banks, including federal and regional institutions from 52 countries, were the primary targets of these cyberattacks.

Despite the financial sector experiencing the highest number of successful cyberattacks globally, the overall number of cybersecurity incidents in this industry dropped by 36% in H1 2024 compared to H1 2023. Experts credit this decline to enhanced corporate security measures but caution that financial organizations’ IT assets remain vulnerable. Many attacks are believed to go unreported to avoid reputational damage, with dark web forums often exposing incidents. Messages on these forums were five times higher than publicly reported cases in 2024.

Elena Kozlova, Director of Business Development for the Financial Sector at Positive Technologies, emphasized the importance of advanced cybersecurity tools to detect and prevent non-tolerable events at early stages. She also highlighted the need for securing AI-based financial applications, noting that 77% of companies using such systems have already faced cybersecurity incidents.

Malware accounted for 56% of reported incidents in H1 2024, a 12% rise from the previous year. Ransomware was the most common type, though publicly disclosed ransomware attacks on financial organizations decreased by 28% compared to H1 2023. Remote Access Trojans (RATs) saw significant growth, making up 34% of malware incidents by mid-2024. Anna Golushko, Senior Information Security Analyst at Positive Technologies, noted that many RATs contain spyware functions often used by advanced persistent threat (APT) groups. Email-based malware distribution also rose from 49% in H1 2023 to 66% in H1 2024, exemplified by phishing campaigns targeting institutions like India’s National Bank for Agriculture and Rural Development.

Social engineering attacks climbed to 65% of all incidents in H1 2024, compared to 29% during the same period in 2023. Notable campaigns included Scattered Spider, which targeted U.S. financial organizations using phishing techniques like lookalike domains and SIM swap attacks to steal confidential data.

Dark web forums revealed that European organizations faced the most attacks (27%), followed by Asia (24%) and North America (17%). The financial sector accounted for 65% of dark web mentions, with DDoS attacks (30%) and stolen databases (26%) dominating discussions. Banks in Asia (42%), the Middle East (10%), and Russia (10%) were most frequently mentioned in data breach posts.

The most common consequence of cyberattacks on the financial industry was data breaches, accounting for 80% of incidents, followed by operational disruptions at 16%. Financial institutions ranked second globally for financial losses due to data breaches in 2023–2024. Experts recommend result-driven cybersecurity to minimize risks and prevent attackers from causing irreparable damage to critical IT infrastructure.