Finance sector facing huge amount of cyberattacks that could leave it on its knees

News
By Sead Fadilpašić
published

Finance sector is facing "death by a thousand cuts", BlackBerry warns

Malware worm
(Image credit: Shutterstock)

The financial sector is being attacked left and right, as hackers pluck their sensitive data away like a pack of hyenas, new research from BlackBerry has claimed.

The company's Global Threat Intelligence Report says there were roughly a million attacks against firms in the global financial sector logged over just 120 days last year. 

BlackBerry describes the current cybersecurity situation as “death by a million cuts”, in which hackers mostly use commodity malware. This, BlackBerry suggests, means that there are numerous threat actors, operating independently, but still targeting more or less the same organizations.

Novel malware on the rise

Cumulatively, attacks on critical infrastructure accounted for almost two-thirds (62%) of all industry-related attacks between September and December last year. Critical infrastructure includes the financial sector, but also government, healthcare, and communications.

The number of new malware samples is constantly on the rise, the researchers further announced. For the analyzed quarter, the team spotted a 27% increase in novel malware, from 2.9 variants per minute between June and September, to 3.7 between September and December. 

“We’re consistently seeing increased volumes of attack in highly lucrative industries using novel malware,” said Ismael Valenzuela, Vice President of Threat

Research and Intelligence at BlackBerry. “Novel malware typically indicates specific motivations from threat actors towards particular attack targets with intent to evade defenses, which are often based on static signatures. We’ve reached a pivotal point where traditional detection methods alone are not enough to combat this increasingly complex problem. AI is already being weaponized by malicious entities, so it must equally be the dominant tool for detection and defense.” 

While the majority of attacks are focused on critical infrastructure organizations, that doesn’t mean that commercial enterprises can relax. A third of all threats targeted retail, manufacturing, automotive, and professional services organizations, and more than half of those (53%) included information-stealing malware.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.