COVID-19 blamed for 238% surge in cyberattacks against banks

Disarray caused by the pandemic has become a breeding ground for financially-motivated attacks.
Written by Charlie Osborne, Contributing Writer

The coronavirus pandemic has been connected to a 238% surge in cyberattacks against banks, new research claims. 

On Thursday, VMware Carbon Black released the third edition of the Modern Bank Heists report, which says that financial organizations experienced a massive uptick in cyberattack attempts between February and April this year -- the same months in which COVID-19 began to spread rapidly across the globe.   

The cybersecurity firm's research, which includes input from 25 CIOS at major financial institutions, adds that 80% of firms surveyed have experienced more cyberattacks over the past 12 months, an increase of 13% year-over-year. 

See also: Gartner slices 2020 worldwide IT spending prediction to $3.4 trillion due to coronavirus

VMware Carbon Black data already indicates that close to a third -- 27% -- of all cyberattacks target either banks or the healthcare sector. 

An interesting point in the report is how there appears to have been an uptick in financially-motivated attacks around pinnacles in the news cycle, such as when the US confirmed its first case of COVID-19. 


In total, 82% of chief information officers contributing to the report said that alongside a spike in attacks, techniques also appear to be improving -- including the use of social engineering and more advanced tactics to exploit not only the human factor but also weak links caused by processes and technologies in use by the supply chain.

The use of Kryptik and Emotet malware families is frequent, as well as Obfuse, CoinMiner, and Tiggre. Ransomware attacks against the financial sector increased roughly 9x from the beginning of February to the end of April 2020. Those surveyed said that attempts at destruction, not just information theft, are becoming more common. 

CNET: That old Android phone might not be safe to use: 6 things to consider

Wipers, too, are becoming more commonplace. According to MITRE, the typical behaviors demonstrated by wiper malware are as below:


Island-hopping has also been experienced by 33% of those surveyed. This form of attack involves threat actors moving through a supply chain -- starting at a weak link -- with the overall goal of reaching a connected financial institution. This may be achieved by methods such as compromising and then moving through networks, watering hole attacks, or business email compromise (BEC).

In addition, 64% of organizations have reported a 17% increase in wire fraud attempts. 

TechRepublic: BlackBerry Bootcamp boosts university applied computing with cybersecurity program

"When combined with a steady commercial growth of mobile devices, cloud-based data storage and services, and digital payment systems, cybercriminals today have an ever-expanding host of attack vectors to exploit," commented Jonah Force Hill, senior cyber policy advisor and CIAB executive director. "Every organization -- providers of financial services, in particular -- must remain vigilant in the face of these evolving threats. It is critical that organizations maintain a continuous dialogue with law enforcement to ensure a rapid response in the event of an incident."

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards