Positive Technologies: The financial sector ranks among the top five most targeted economic segments worldwide

2 weeks ago

Positive Technologies analyzed cyberthreats in the financial industry, finding that by the end of H1 2024, these organizations placed among the top five in recorded incidents. During this period, the share of cyberattacks using social engineering more than doubled compared to H1 2023, while malware remains the weapon of choice for cybercriminals. Banks, including federal and regional organizations from 52 countries, were the primary targets of the attacks.

Despite suffering the largest number of successful cyberattacks overall, financial-related cybersecurity incidents worldwide decreased by 36% in 2024 compared to H1 2023. Experts link this decline to the overall increase of corporate security, but emphasize that IT assets of financial organizations are still vulnerable to hacker efforts. Furthermore, analysts point to the fact that many companies cover up security incidents to avoid bad publicity; some incidents are still made known through messages on dark web forums, however. In 2024, experts observed that the actual number of messages on dark web forums was five times higher than the number of publicly reported cyberattacks.

Elena Kozlova, Director of Business Development for the Financial Sector at Positive Technologies, said, “The financial sector maintains interindustry balance and currency stability, ensures the execution of international contracts, and addresses other critical government tasks. That is why financial services must be extremely cyber resilient. Given the pace at which new cyberthreats emerge, organizations should use advanced cybersecurity tools that enable them to prevent non-tolerable events at early stages.”

Malware is one of the primary methods of attack on financial organizations. For instance, in H1 2024, it accounted for 56% of reported incidents, representing a 12% increase over the same period in 2023. Ransomware remains the most common type of malware encountered, however, in 2024, the number of publicly-disclosed ransomware attacks experienced by financial organizations dropped by as much as 28% compared to H1 2023. In second place are RATs (remote access trojans), which have seen their share triple over the past year, reaching an incident share of 34% by mid-year.

Anna Golushko, Senior Information Security Analyst at Positive Technologies, said, “Most RATs have spyware functions that are often used by APT groups. These groups target the financial sector due to its close ties with government institutions. Cybercriminals increasingly spread malware via email: 49% of cases in H1 2023, rising to 66% in H1 2024. For instance, India’s National Bank for Agriculture and Rural Development received a phishing email concerning SWIFT transactions.”

This study sheds light on the cyber threats financial organizations are faced with, drawing on data from analyzing successful cyberattacks recorded between the period H2 2023 to mid-2024. Organizations covered by the study include banks, insurance companies, credit institutions, payment systems, securities firms, microfinance organizations, and investment funds, among others.