Gavin Knapp, Cyber Defence Technical Lead at Bridewell
The finance and fintech industry has always been a prime target for cyber criminals but in recent times attacks have escalated. The sophisticated use of artificial intelligence by hackers, the growth of digital payments and the weaknesses in new homeworking practices are just some of the reasons why cyber criminals are increasingly targeting the sector. While financial gain is the main motive, cyber attackers also seek to achieve credibility and status by acquiring high profile data. There is also increased likelihood that the finance sector may be targeted because of the UK’s backing of Ukraine in the conflict with Russia.
This exponential rise is illustrated by the recent survey from the Financial Conduct Authority (FCA) that revealed malicious attacks targeting financial websites and servers increased fivefold in 2022. A quarter of all incidents involved distributed denial-of-service (DDoS) attacks. Furthermore, Bridewell’s own research showed that 81% of cyber leaders in the finance sector have reported a rise in attacks since the start of the Russia-Ukraine war.
Whilst the finance industry is not alone in seeing an increase, no other sector is more data-driven, digitised, or more attractive for cyber attacks. Rising rates of cyber crime mean rising costs for financial organisations as they reimburse defrauded customers. More than just money, cyber attacks erode customer confidence and breach required compliance standards.
Organisations urgently need to shift to a modern defensive mindset to address the tactics, techniques, and procedures being used by 2022 cyber criminals and to develop proactive, intelligence led approaches to security operations that involve thinking like the adversary to test defences in a realistic manner, and to hunt for evil in their networks.
Cyber crime is a risk no fintech organisation can avoid
Any fintech organisation can fall victim to cyber criminals whether this is ransomware related groups or groups associated with business email compromise and targeting phishing, recently we have seen other groups such as Lapsus$ compromising huge companies such as Uber for nothing more than the kudos and notoriety that comes with a high profile hack. In 2020, the world’s third largest financial services software provider, Finastra, was hit by a ransomware attack that caused disruption to its global operations and interrupted services for its 9,000-strong customer base. More recently, Revolut, the app-based bank, fell prey to a ‘highly targeted’ cyber attack. Whilst no funds were accessed or stolen, this phishing crime compromised the data of thousands of Revolut’s customers.
For fintech’s, the threat landscape is evolving in line with technological advancements, with cyber criminals leveraging insecurities in cloud configurations. For example, ransomware has rapidly evolved from being a simple malware issue requiring user interaction to a highly profitable and nuanced human endeavour. Human-operated ransomware (HoR) sees criminals infiltrate an organisation’s on-premises or cloud IT infrastructure through a variety of methods, before moving laterally, harvesting credentials to elevate their privileges, exfiltrating data, and deploying ransomware to encrypt critical data. HoR has become a growing threat and a huge risk to financial organisations.
Russia’s invasion of Ukraine is also raising cyber risks worldwide. Even though these geopolitical tensions haven’t yet gone beyond Ukraine’s borders, major cyber attacks that could affect US and European systems are a growing possibility. We have already seen that pro-Russian hacktivist groups such as Killnet and Anonymous Russia have performed targeted DDoS attacks against US critical infrastructure included airports and financial services organisations. Bridewell’s recent survey of cyber leaders in CNI found that over three-quarters (76%) of IT decision makers in the finance sector are worried about the impact of cyber warfare. The need for organisations to collaborate more effectively and mount a proactive response to evolving security risks could not be more vital.
Changing the perspective on cyber security
As the finance sector continues to undergo major digital and infrastructure transformation, it is more important than ever for businesses to reconsider their cyber security investments. Traditionally, senior leaders in finance have considered digital transformation and cyber security to be two separate strategies with independent objectives and goals. This approach is fundamentally flawed.
When companies invest in advanced technologies, but don’t understand how best to use them, they can create significant inefficiencies and compromise cyber security. As companies explore the latest technologies, they must also establish and maintain good security protocols and practices to supplement them. Cyber and digital strategies should be inseparable.
Financial organisations are making good progress in this area. Bridewell’s research found that, for many cyber leads in finance, the source of greatest pressure to improve cyber maturity came from the business itself and the need to support new technology and digital initiatives. It indicates that organisations are working to ensure they have a strong cyber security strategy that matches their digital transformation aspirations.
An answer to the cyber security crisis
With a growing number of assets to monitor and manage, alongside the complexity and sophistication of cyber-attacks and the high number of incidents, preventative security is no longer an effective way of defending against cyber crime. A successful cyber security strategy must now include proactive network monitoring. Fintech organisations should embrace an integrated, well-considered, and proactive strategy centred around intelligence-driven managed detection and response (MDR).
Drawing on the power of cloud technology, MDR looks out for the symptoms of embedded vulnerabilities, rather than relying on set virus definitions. It combines technology and human expertise to perform threat hunting, monitoring, and response. Not limited to greater detection and response capabilities, an effective MDR strategy also provides proactive defence intelligence and insight of advanced threats, reducing the burden on overwhelmed security teams. Even better, it can also help an organisation improve the return on investment of the cyber security tools they already have and manage the sheer volume of cyber security alerts.
Achieving resilience against cyber threats
As cyber crime quickly supersedes conventional crime, the finance and fintech industry must protect itself against a diverse and escalating range of threats. They need to be able to define and truly understand the specific security risks facing their organisation and adjust their cyber strategy accordingly. Traditional approaches to security testing have become outdated. The types of vulnerabilities have evolved, and the way software is developed and delivered has changed.
Innovation transforms how business is conducted, but as technology advances, so does the realm for cyber crime. More and more organisations in the finance sector are realising how cyber security can drive both digital transformation and business transformation. With its agility and reliability, emerging cloud-based technologies have helped to innovate security in a way that will frustrate hackers for years to come.
Now is the golden opportunity for the finance sector to align their cyber and digital strategies and embrace a proactive security approach to safeguard their assets, their reputation and their future.
Wanda Rich has been the Editor-in-Chief of Global Banking & Finance Review since 2011, playing a pivotal role in shaping the publication’s content and direction. Under her leadership, the magazine has expanded its global reach and established itself as a trusted source of information and analysis across various financial sectors. She is known for conducting exclusive interviews with industry leaders and oversees the Global Banking & Finance Awards, which recognize innovation and leadership in finance. In addition to Global Banking & Finance Review, Wanda also serves as editor for numerous other platforms, including Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune.