By Tom Kellermann, Head of Cybersecurity Strategy, VMware Security Business Unit
The modern bank heist has escalated to a hostage situation over the past year. The new goal of attackers is now to hijack a financial institution’s digital infrastructure and to leverage that infrastructure against a bank’s constituents. As the world shifted to an anywhere workforce amid the pandemic, we witnessed attacker strategy evolve, becoming much more destructive and sophisticated than ever before.
In the fourth annual Modern Bank Heists report, we interviewed 126 CISOs, representing some of the world’s largest financial institutions, regarding their experiences with cybercrime campaigns. Given the nature of its business, the financial sector has established robust security postures and fraud prevention practices. However, they are facing an onslaught of sophisticated cybercrime conspiracies. Attacks against financial institutions more than tripled last year. This stark reality can be attributed to the organized nature of cybercrime cartels and the dramatic increase in sophisticated cyberattacks. The goal of this year’s report was to understand how offense should inform the financial sector’s defense.
Here’s an overview of some key findings:
As the threat landscape evolves, so will the tactics, techniques and procedures of cybercrime cartels, as seen in the above findings.
These groups have become national assets for the nation-states who offer them protection and power. In tandem with this, we’ve seen traditional crime groups digitize over the past year as the pandemic hampered them from conducting business as usual. This has popularized the industry of services provided by the dark web, increased collaboration between cybercrime groups, and ensured cyber cartels are now more powerful than their traditional organized crime counterparts.
So, how should the financial industry respond? To start, here are a few strategies for security teams:
The game has changed, and so must the financial sector’s security strategy. Safety and soundness will only be maintained by empowering the CISO. 2021 should be the year that CISOs report directly to the CEO and be given greater authority and resources.
Bob Parisi, Head of Cyber Solutions – North America, Munich Re, echoed the importance of up leveling the role of the CISO as cyberattacks surge: “The report’s findings around an increased level of destructive attacks and island hopping makes it clear that financial institutions remain in the crosshairs. VMware’s recommendation that CISOs should be elevated to C-level aligns with the fact that cyber risk is an operational risk that needs to be managed across a spectrum of technology, process and people, including the use of financial instruments like cyber insurance.”
It’s no longer a matter of if, but when “the next SolarWinds” will occur. As a result, cybersecurity must be viewed as a functionality of business versus an expense. Trust and confidence in the safety and soundness in the financial sector will depend on it.