Ransomware is hitting the financial services industry harder than ever before

News
By Sead Fadilpašić
published

Hackers are dropping malware via cloud apps

ID theft
Image credit: Pixabay (Image credit: Future)

Ransomware is hitting the financial services industry harder than ever before, a new report has claimed.

Findings from Netskope Threat Labs claims that the financial sector remains “one of the most attacked sectors by ransomware groups,” who mostly use trojans to breach systems and deploy encryptors.

Of all the groups engaged in ransomware, two particularly stand out, Netskope says - Cl0p and LockBit. The former made headlines last year after exploiting a vulnerability in the MOVEit managed file transfer service to compromise hundreds of organizations around the world and steal terabytes of data.

Cl0p and LockBit

Some researchers claim the group’s activities affected almost a thousand organizations and more than 60 million people.

LockBit, on the other hand, established itself as one of the biggest ransomware-as-a-service providers, affecting many high-profile organizations. Despite the recent takedown of dozens of its servers, the group has now apparently re-emerged with another data leak website and new victims listed.

Netskope's report also found that Microsoft One Drive and Sharepoint, as well as GitHub, are some of the most popular targets for abuse to spread malware, and have been since September last year.

Sharepoint has proved more popular within the financial sector than in other industries, which Netskope claims is mainly due to the popularity of Redmond's video conferencing service Microsoft Teams, which makes use of Sharepoint for file sharing purposes. 

Commenting on the findings, Paolo Passeri, Cyber Intelligence Principal at Netskope, said, “It is clear that the macro trends for cloud app use and abuse have remained consistent for the finance sector over the past year."

He added, "What is interesting to see is that the financial sector remains one of the most attacked sectors by ransomware groups with a focus on the exploitation of vulnerabilities at scale."

Passeri also believed that the statistics should serve as a salutary lesson: "Every organization should take the time to assess and secure their own infrastructure and [remember] that simple operational mistakes could expose you to significant threats.”

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.