F-Secure broadly categorises the threats into three: data theft, data sabotage, and direct financial theft. Financial information, like medical data, is very sensitive, and can come useful for attackers to blackmail victims and perpetrate a variety of social engineering attacks.
The report found North Korea as a unique case of a nation-state conducting financially-motivated attacks and noted how organised criminal groups inspired by North Korea have compromised banks’ SWIFT international payments systems — a technique employed by state-sponsored Lazarus Group (APT38) to steal almost USD 1 billion from Bangladesh Bank back in 2016.
Furthermore, the banking sector risks being exposed to a new wave of attacks, including the use of distractive malware, supply chain compromises and targeted ransomware, that go far beyond traditional theft. The report also observes that the re-weaponization of exploits have enabled the threat actors to offer “cybercrime-as-a-service” on dark web.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now