The increases were due to several factors, including the “rapid digitization of financial services, which accelerated during the pandemic” and increased entry points for hackers to possibly exploit, as well as a sharp rise in “zero-day” vulnerabilities being identified. Zero days are flaws in software and hardware that developers and cybersecurity professionals don’t know about, meaning that once a hacker exploits one of them, defenders have zero days to fix it.

“There was a dizzying number of vulnerabilities,” Walsh said.

Third-party hacks remain a threat for the financial sector because of its reliance on “a myriad of providers and suppliers,” and they offer a potential way to infiltrate organizations that “are considered adequately hardened to traditional attack methods, such as financial institutions,” according to the report. There’s also a concentration risk among financial institutions because many use the same suppliers, according to an FS-ISAC spokesperson.

Several recent attacks on the software supply chain, such as breaches at SolarWinds Corp. and Accellion Inc., have demonstrated that “a one-to-many compromise chain is possible,” the report said.

FS-ISAC also warned that ransomware remains a persistent concern, “a game of whack-a-mole, where operators shut down when they feel the heat of law enforcement, only to reopen under new names months later,” the group wrote.

Despite a concerted effort by law enforcement to crack down on ransomware in the last year, particularly after a devastating attack on Colonial Pipeline Co. that snarled fuel supplies last May, FS-ISAC’s report found that members reported an increase in ransomware-related events in the second half of 2021. Walsh said she had expected to see a measurable change in ransomware attacks because of the increased scrutiny. But aside from a “few hiccups,” she said, “It didn’t drop at all.”

The FS-ISAC report was written in early January, and Walsh said the group recognized then that its predictions could be upended by world events. However, she said FS-ISAC members have been preparing for the possibility of increased cyberattacks for months, reviewing tactics and techniques commonly used by hackers and finding ways to defend against them.

Still, common hacking methods remain an issue. Of the incidents reported by members, 24% started with an employee being targeted by a phishing attack, according to FS-ISAC.

--With assistance from Max Reyes and Sridhar Natarajan.

This article was provided by Bloomberg News.
