Blog_Header.jpg

IntSights' Blog

Financial Services Organizations Beware: Rising State-Sponsored APT Group Attacks

by Andrey Yakovlev / November 13, 2018

Since the days of the Wild West, banks and financial institutions have come to realize that their main threats originate from crime groups. Today, even as crime has moved into cyberspace, most financial institutions still believe these crime groups are their primary adversaries, as well as believing that their threat landscape has remained the same. The main reason for this lies in a simple equation: crime groups like money, and banks have it. But over the past few years we have started to see a change in the landscape, as banks and financial institutions have become targets for state-sponsored APT groups.

These state-sponsored actors receive direction, funding, or technical assistance from a nation-state to advance that nation’s interests. Instead of being motivated by money, they prefer to steal, and exfiltrate, intellectual property, sensitive personally identifying information (PII), and military and financial secrets.

Before the Internet, it was extremely difficult for another country to attack banks or financial institutions. But as the cyberworld has emerged, it’s put the private sector within reach of nation-state attackers, and it’s changing the landscape for how companies must defend against these threats. In our recent report, The Rise of State-Sponsored Attacks Against Financial Services Organizations, we explore the reasons for such a shift, ranging from pure financial gains of common criminals to highly sophisticated and well-equipped APT groups and what they gain besides money.

The Rise of State-Sponsored APT Group Attacks

It’s not just governments that are feeling the disastrous effects of state-sponsored cyber warfare and crime. Recent discoveries have revealed the existence of, and details on, several government-sponsored hacking groups around the globe. While most state-sponsored APT groups target other governments and militaries for intelligence collection, in the last few years, we are starting to see more activity directed towards the financial sector. In fact, the financial sector is every bit as at risk, and often don’t have the same level of defenses in place that governments can afford.

Although banks and other financial institutions are private businesses, state-sponsored APT groups still see them as symbols that represent the country, and attacking them serves the interests of their sponsored country.

Attributing attacks to any specific group or state is very difficult, and usually based on allegation rather than proven evidence. Hacking groups are modular and separated into specialized divisions, with each department responsible for a different side of the operation. Security companies will come up with a name for groups and incidents, the groups don’t necessarily refer to themselves that way. No country has come forward and said “We did this, those are our guys”, with the exception of non-state sponsored groups and hacktivists.

As a result, the conclusions made by researchers come from correlations between the tools used, similar techniques and strategies, and analyzing digital footprints.

New Report: The Rise of State-Sponsored Attacks Against the Financial Services Industry

To read further about how State-Sponsored APT groups are targeting the Financial Services industry, download our research report. This report includes:

  • An Overview of the Changing Threat Landscape for FSI Organizations
  • Evidence of APT Group Linkage to the Russian FSB
  • Timeline of Cybercrime and State-Sponsored Attacks Against Banks
  • Anatomy of a State-Sponsored Cyber Attack

IntSights_FSI_State_Sponsored_Report_Cover

The Rise of State-Sponsored Cyber Attacks Against Financial Services Organizations
Download Now

Tags: Financial Services Cyber Crime State Sponsored Research Report

0 Comments
previous post The Top 5 Ways Retailers Will Be Scammed This Holiday Season
Next Post Attention Shoppers and Retailers: 10 Safety Tips for Cyber Monday
Andrey Yakovlev

Andrey Yakovlev

Andrey Yakovlev is a Security Researcher at IntSights, focused on intelligence hunting from the Russian Dark Web. He is an experienced professional with over 6 years of experience in the cyber security field. Andrey specializes in threat discovery, computer forensics and behavioral analysis of Trojans.