Being Aware of Cyber Threats

With the on-going pandemic and no end date, many businesses have switched to working from home. This compromises cyber security and increases the chances of cyber threats. One of the major targets is the financial services sector/firms.

As monetary transactions are involved, this particular sector and the firms are vulnerable and ideal to cyber threats. This requires firms to be more aware and prioritize cyber security.


Interconnected Attack Surfaces due to Supply Chains
  • Financial firms have always been attacked mostly through technology partners such as managed service providers and cloud service providers.
  • These service providers have also encountered ransomware incidents, obstructing the services for certain financial firm clients.
  • Other third parties that affect the vulnerability of financial firms turned out to be telecommunications providers and power companies.

    • Cyber attacks happen as businesses switch their information security focus to aid remote workforces.

     

    Credential and Identity Theft
  • Targeted attacks and fraud—theft, compromise, and abuse of credentials and identities
  • Due to the adjustments of financial firms’ operations, cyber criminals would keep up with the adjustment process and take advantage of every loophole they can find. This results in the attack through remote workforces, due to financial firms.
  • Credential-stealing malware, along with mobile malware have led to the stealing of customers’ credentials for more than 200 financial firms. This is possible as remote work locations increase the reliance of mobile devices.
  • Identity theft in particular, grew as there were implemented financial relief programs to aid those who were affected by the pandemic.

    •  

    Data Theft and Data Manipulation
  • Through ransomware, data is either destroyed or altered. Making use of the systems’ vulnerabilities, servers often get compromised, data gets manipulated and victim organization’s would get encrypted.
  • For a profitable long-term approach, multiple attack approaches allow them to sustain ransomware by making the process of responding to ransomware infections more challenging.
  • From commodity malware infections to targeted attacks, crimeware only takes up to a few hours to cause disastrous ransomware and enter a network.

    •  

    Emerging Technologies Advance Cyber Threats
  • With the advancement of technology, cyber criminals have been finding new ways to commit their attacks more effectively.
  • Cyber criminals use Deepfake technology to deceive victims/companies. Deepfake technology makes use of Artificial Intelligence (AI) / machine learning, manipulates content (visual & audio).
  • Some Deepfake attack methods:
    1. C-Level fraud
      Cyber criminals impersonate an organization’s CFO or CEO for sensitive data.
    2. Extorting companies/individuals
      Cyber criminals can generate content like a CEO announcing the loss of certain data, and blackmailing the organization by threatening them the video would be shared online.
    3. Manipulation of authentication methods
      Deepfake technology can outmanoeuvre certain authentication mechanisms, which results in precious data being compromised.

    • Financial firms are recommended to explore countermeasures to prevent the abuse of this emerging technology, so they would be able to secure their data.

     

    Destructive and Disruptive Malware Attacks
  • With the use of ransomware, threat groups target multiple related parties at the same time.
  • As financial services firms can be affected indirectly as well, firms should prepare themselves better by implementing a proactive defense plan.

    •  

    Misinformation
  • During this time of the pandemic, market manipulation rises and impacts the financial sector negatively.
  • Elements of disinformation/misinformation causes unsuspecting investors to help cyber criminals with their objectives. High market volatility pushes the confidence in the economy further down as cyber criminals take advantage of it.

    •  

    During such vulnerable times, it is best to know how to beware of certain attacks and be prepared for it. Even though many of our living routines have changed as COVID-19 impacted our lives, we mustn't let other parts of our lives be affected.

     

    Through this new information, we are better able to understand how cyber criminals work during the pandemic, and can protect ourselves better.

     

    For any enquiries or feedback, do write in to us at care@compaqs.com or contact us at (+65) 6262 0402.

     

    Sources
    bitdefender, Finance Sector Faces ‘Extreme but Plausible’ Cyber Threats
    TNN, The real danger of deepfakes