Cyber Threats and Financial Sector Vulnerability
Luke Smith , Cyber Security Engineer at Custodia, guides us through the latest cyber threats impacting the financial world. From ransomware attacks in Brazil to DDoS campaigns in Israel, our latest Security Spotlight uncovers the tactics hackers are using and the steps institutions and regulators are taking to stop them.
Let's get started.
ApexBrasil - LockBit Strikes Again
September 2024 saw multiple ransomware attacks targeting Brazilian banks, part of a growing trend in Latin America, where cybercriminals hunt for significant ransom pay-outs. The infamous LockBit group was front and center, following high activity across multiple sectors.
Among the targets was ApexBrasil, an institution supporting over 15,000 companies claimed by LockBit themselves on a dark web forum.
LockBit used double extortion tactics: encrypting vital data and threatening leaks if their demands weren't met.
This attack highlighted the vulnerability of legacy infrastructure when dealing with determined, sophisticated, and unscrupulous hackers.
Brazil's banking sector faces an escalating cyber threat, with attacks spiking between June and September 2024. National events appear to be a target, with low staffing levels, making banks easier targets.
DDoS Attack on Israeli Financial Institution
In August 2024, an Israeli financial institution endured a massive DDoS attack, one of the year's biggest.
A hacktivist group used a global botnet to overwhelm over 278 IP addresses for almost 24 hours, flooding the infrastructure with 419 terabytes of traffic through methods such as UDP floods and DNS reflections.
Despite having advanced DDoS protection, service disruptions were felt regionally.
领英推荐
This incident is part of a broader wave of politically motivated DDoS attacks, pointing towards possible state-sponsored involvement - a stark reminder that financial institutions need robust defenses to meet escalating threats.
ECB Cyber Resilience Stress Test
In 2024, the European Central Bank (ECB) completed a cyber resilience stress test to evaluate how well banks could recover from severe cyberattacks. This initiative responded to the increasing sophistication and frequency of cyber threats driven by geopolitical tensions and the digitalization of finance.
The stress test involved 109 banks, with 28 undergoing more intensive assessments. The focus was on response and recovery: testing crisis management, stakeholder communication, and service restoration once systems were compromised.
Results revealed that while banks had solid frameworks, there were gaps in recovery capabilities, highlighting the need for further cybersecurity investment. These findings will contribute to the ECB's 2024 Supervisory Review and Evaluation Process (SREP) to enhance preparedness against real-world cyber threats.
DORA - Digital Operational Resilience Act
Looking ahead, the upcoming Digital Operational Resilience Act (DORA), set to take effect in 2025, will further strengthen cybersecurity frameworks for financial institutions across the EU.
DORA aims to ensure these institutions remain resilient during severe operational disruptions, bolstering digital defenses.
To learn more about DORA and what it means for regulated industries, read our series of blogs by our regulatory and European Governance expert, Dr. Nathalie Aubry-Stacey.
Super insightful! Ransomware and DDoS attacks are no joke. How do you think DORA will shape cybersecurity strategies?