F-Secure broadly categorises the threats into three: data theft, data sabotage, and direct financial theft. Financial information, like medical data, is very sensitive, and can come useful for attackers to blackmail victims and perpetrate a variety of social engineering attacks.
The report found North Korea as a unique case of a nation-state conducting financially-motivated attacks and noted how organised criminal groups inspired by North Korea have compromised banks’ SWIFT international payments systems — a technique employed by state-sponsored Lazarus Group (APT38) to steal almost USD 1 billion from Bangladesh Bank back in 2016.
Furthermore, the banking sector risks being exposed to a new wave of attacks, including the use of distractive malware, supply chain compromises and targeted ransomware, that go far beyond traditional theft. The report also observes that the re-weaponization of exploits have enabled the threat actors to offer “cybercrime-as-a-service” on dark web.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.