Hacker team-ups pose 2021 threat to financial industry, group cautions

Written by

An information sharing group for the financial sector warned on Tuesday that banks will encounter growing danger this year from converging nation-state and criminal hackers, as well as supply chain risks and cross-border attacks.

The report from the Financial Services Information Sharing and Analysis Center serves as a recap of threats the industry endured last year, as well as a forecast for 2021.

Ransomware and other kinds of extortion attacks were among the biggest hazards for the financial services industry last year, FS-ISAC said. The organization said it expects further use of the increasingly common ransomware method of hackers leaking partial data to incentivize higher victim payments, and it said that more than 100 financial companies received distributed denial-of-service extortion threats last year.

The organization also suggested that state-sponsored groups would leverage access or other techniques established by financially motivated scammers to boost their own operations. FS-ISAC did not point to specific examples of spies relying on such tradecraft in the past.

“Wittingly or otherwise, criminals will support nation-state operations through selling initial access or tools to achieve those ends,” the report states. “Nation-state cyber actors will benefit from the mass ‘workforce’ of the cybercriminal underworld constantly seeking to compromise networks who will handle the first step of a kill chain that they can then take advantage of.”

For the SolarWinds supply chain hack first revealed last year and that rippled through federal agencies and major companies, “the dominoes are still falling” in the financial sector, FS-ISAC said.

Accellion, itself at the center of a number of recent supply chain breaches, said it used FS-ISAC to brief the financial sector on the situation. At least one major bank, Flagstar, has been ensnared in the fallout from that breach, with ever-expanding ramifications. FS-ISAC anticipates more supply chain risks in 2021.

It also anticipates, based on the events of 2020, that hackers will test out attacks in one part of the world before expanding them elsewhere. “An attack on an insurance company in Asia could be a harbinger for a fintech in Europe or a community bank in the US,” the report states.

While the financial services industry gets higher marks than most for its cybersecurity preparations, that doesn’t mean it’s invulnerable. The Carnegie Endowment for International Peace and the Word Economic Forum warned in November that the global financial system is ill-equipped to defend against cyberattacks capable of severe disruption.