Cybercriminals target tech and finance firms

Share

Technology has made significant leaps in all kinds of aspects of our lives. For one, it has created a new landscape where many kinds of individuals from various sectors can thrive. But despite the rise of cybersecurity groups, those who have malicious intentions still thrive in this new landscape by stealing private data or infiltrating devices, while there are others who target larger groups to cause chaos or disrupt said groups. According to CrowdStrike, cybercriminals have turned their attention to financial services and technology firms in the Year 2023.

Attack of the Cybermen

Based on their study, financial service firms have recently suffered an 80% increase in cyber-attacks. In the Asian-Pacific region alone, 26% of all attacks were aimed towards larger technology companies. This is followed by telecommunications companies with 12%, retail with 11%, financial services with 8%, and manufacturing with 7%.

The study further displays that these attacks were identity-based, where 62% were cybercriminals who interactively invaded in order to abuse valid accounts to take or steal the private data of the clients of the targeted organisation, with 160% increase of attacks in an attempt to retrieve secret keys and other credentials through cloud instance metadata APIs. 

It has been identified that these groups are either stationed or sponsored by the North Korean government. These groups have primarily targeted financial and financial-technology organisations.

Now, it takes an average of 79 minutes for cybercriminals to breach modern systems, compared to the previous year, which was 84 minutes on average. The quickest of these breaches took place this year, with a total of 7 minutes.

The Exposed Underbelly: The Lack of Response

In 2022, Kroll conducted a survey in which they stated in order to mitigate and neutralise the threats of cyber attacks 36% of the organisations in the Asia-Pacific Region do not have any form of incident response plan. Also, sixty per cent of the organisations reported a major shortage of professionals in cyber security, which makes these organisations vulnerable to further attacks and incursions in the future.

In conclusion, with the constant and ever-expanding nature of technological developments, the cyber landscape is always expanding and changing. As much as it benefits the general public, it also further expands the opportunities for those with malicious intent to exploit.

Recently, it has been observed that there has been a significant increase in attacks against financial and financial technology groups. The purpose of said attacks is to infiltrate said organisations and groups in order to abuse the valid accounts of the organisation’s clients. Despite the increasing risk of cyberattacks, many of these organisations do not have incident response plans, further exposing them to future cyberattacks.