Geodo used mostly in attacks aimed at the financial sector

Jun 24, 2015 10:15 GMT  ·  By

Protecting against cyber-attacks is this year's top priority for businesses in the financial sector, as cybercriminal activity targeting this vertical is 300% more frequent than in other industries.

For some time now, criminals have gone where the money is, setting their sights on organizations in the financial business and seeking illegal access to their computer networks purely for monetary gain.

Cybercriminals carefully plan initial attack stages

A study from Websense (now part of Raytheon), focused on collecting information on cyber threats and tactics aimed at this sector, reveals that cybercriminals pour considerable effort into devising new methods for compromising hosts in financial services.

Attackers spend significant time on reconnaissance and on crafting a variety of lures that increase the chances of the operation succeeding. Websense found that 33% of all lure-stage attacks are aimed at the financial market segment.

“In targeted attacks, the most common subject line and content matter in email lures tend to be professional in nature and most frequently involve specifics around invoices, ACH and BACS payments and third-party vendors,” the researchers say in a report published on Tuesday.

Most prevalent threats

Stealing credentials is among the top goals of the attackers, with Rerdom the threat seen in the most incidents. Associated with the operators of the Asprox spam botnet, Rerdom offers a long list of features, from distributing malware and harvesting login information to downloading additional payloads and scanning websites for vulnerabilities that could be used to compromise new servers.

The second most prevalent threat in cyber-attacks against financial organizations is Vawtrak, also known as Neverquest, a banking Trojan that can steal passwords, digital certificates, browser history and cookies.

Another threat seen in campaigns targeting financial institutions is Geodo, a piece of malware that carries its own credential-stealing email worm. Unlike Rerdom and Vawtrak, Geodo is rarely used in operations outside this vertical: it has been "seen 400 percent more often in the finance sector [incidents] than other industries."

Attacks aimed at banks have grown more sophisticated over the years, and this trend will continue, making it a constant effort for businesses to maintain an adequate level of security.