On Thursday, VMware Carbon Black released the third edition of the Modern Bank Heists report, which says that financial organizations experienced a massive uptick in cyberattack attempts between February and April this year -- the same months in which COVID-19 began to spread rapidly across the globe.
The cybersecurity firm's research, which includes input from 25 CIOS at major financial institutions, adds that 80% of firms surveyed have experienced more cyberattacks over the past 12 months, an increase of 13% year-over-year.
VMware Carbon Black data already indicates that close to a third -- 27% -- of all cyberattacks target either banks or the healthcare sector.
An interesting point in the report is how there appears to have been an uptick in financially-motivated attacks around pinnacles in the news cycle, such as when the US confirmed its first case of COVID-19.
In total, 82% of chief information officers contributing to the report said that alongside a spike in attacks, techniques also appear to be improving -- including the use of social engineering and more advanced tactics to exploit not only the human factor but also weak links caused by processes and technologies in use by the supply chain.
The use of Kryptik and Emotet malware families is frequent, as well as Obfuse, CoinMiner, and Tiggre. Ransomware attacks against the financial sector increased roughly 9x from the beginning of February to the end of April 2020. Those surveyed said that attempts at destruction, not just information theft, are becoming more common.
Wipers, too, are becoming more commonplace. According to MITRE, the typical behaviors demonstrated by wiper malware are as below:
Island-hopping has also been experienced by 33% of those surveyed. This form of attack involves threat actors moving through a supply chain -- starting at a weak link -- with the overall goal of reaching a connected financial institution. This may be achieved by methods such as compromising and then moving through networks, watering hole attacks, or business email compromise (BEC).
In addition, 64% of organizations have reported a 17% increase in wire fraud attempts.
"When combined with a steady commercial growth of mobile devices, cloud-based data storage and services, and digital payment systems, cybercriminals today have an ever-expanding host of attack vectors to exploit," commented Jonah Force Hill, senior cyber policy advisor and CIAB executive director. "Every organization -- providers of financial services, in particular -- must remain vigilant in the face of these evolving threats. It is critical that organizations maintain a continuous dialogue with law enforcement to ensure a rapid response in the event of an incident."