A recent study from the cybersecurity firm Intsights revealed that the Banking and Financial sectors were hit with a constant stream of cyber-attacks when compared to other sectors. According to the Intsights Q1 2019 report named Banking & Financial Services Cyber Threat Landscape Report April 2019, around 25.7 percent of all malware attacks last year was targeted on banks and financial organizations. The study also exposed that the number of data breaches reported in the Q1 2019 is doubled to any of the quarters of 2018.
IntSights is an Enterprise Threat Intelligence & Mitigation platform that provides an active defense system against digital threats. The company claims that its advanced data-mining algorithms and unique cyber reconnaissance capabilities continuously scan the clear, deep, and dark web to provide insights about potential threats to your organization and security professionals.
IntSights stated that cybercriminals exploited the vulnerabilities within SS7 telecommunication protocol to intercept messages that authorize payments from user accounts. According to the survey, hackers inject ATM Malware such as FASTCash and ATMJackPot in switch servers to spread a fake message to approve fraudulent withdrawal requests. Also, there was an increase of more than 212% in the theft of credit card information and 102% year-over-year increase in malicious applications.
“In recent years, threat actors have most frequently targeted banks and financial institutions in developing regions of the world. Our research shows that financial organizations based in Latin America, Africa, and South Asia – primarily India and Pakistan – are particularly susceptible to attacks because many of them lack the same comprehensive security systems that are common at large corporations based in more developed countries throughout North America, Western Europe, and parts of Asia, like Singapore and Japan. With fewer barriers, cybercriminals are able to exploit organizations in developing nations with far greater ease. However, this doesn’t mean organizations in developed countries are impervious to cyberattacks,” the report stated.
Recently, multiple banks and other financial companies in several West African countries have suffered from different hacking attacks, which are underway since mid-2017. According to a report published by Symantec, financial institutions in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit by multiple cyber-attacks in 2017 and 2018.
Symantec stated that it has detected four distinct hacking campaigns targeted against financial firms in Africa. The first attack started in mid-2017 and has infected computers with a malware known as NanoCore (Trojan.Nancrat). The second type of attack began in late 2017, in which cybercriminals used malicious PowerShell scripts and credential-stealing tool Mimikatz (Hacktool.Mimikatz) to exploit their targets.
The third attack was targeted at banks in Ivory Coast using a malware called Remote Manipulator System RAT. The fourth attack started in December 2018. The intruders used a malware known as Imminent Monitor RAT (Infostealer.Hawket) to attack banks in Ivory Coast. Symantec stated that all the four attacks were discovered through alerts generated by its Targeted Attack Analytics (TAA), which uses artificial intelligence to analyze and spot targeted attacks.