Recent incidents underscore need for a trusted conduit between financial services and third parties
FS-ISAC Report Finds Cybercriminals and Nation-State Actors Are Converging, Increasing Cross-Border and Supply Chain Attacks
SYDNEY, AUSTRALIA - Media OutReach - 31 March 2021 -FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today the findings of its latest report, which found that wittingly or otherwise, nation-states and cybercriminals are leveraging each other's tools and tactics, leading to an increase in cross-border attacks targeting financial services suppliers.
The pandemic has accelerated digitization, connectivity, and the sector's interdependence, as demonstrated by recent supply chain incidents. Increasingly, the financial sector needs a trusted conduit of real-time cyber information between institutions and third parties.
"FS-ISAC was the logical host for us to brief the financial services sector to reach a critical mass of institutions around the world all at once," said Jonathan Yaron, CEO of Accellion. "This way, we could ensure that the industry received critical and correct information via a trusted source, enabling it to act quickly to mitigate the impact of the incident."
"Organizations properly practicing defense-in-depth with multi-layered controls are still vulnerable to large-scale and even systemic issues through third party suppliers," said J.R. Manes, Global Head of Cyber Intelligence at HSBC. "The FS-ISAC community provides its members the visibility into emerging threats that could impact customers and business, even when they are not directly exposed. Ensuring and encouraging the sharing of cyber threat intelligence is a vital part of the defense of not only the financial sector, but the whole business ecosystem that runs on top of the Internet."
FS-ISAC's report outlines today's top threats:
- Convergence of nation-states and cybercriminals: Nation-state actors are leveraging the skills and tools of cyber criminals, either knowingly or not, to enhance their own capabilities.
- Third-party risk on an upward trend: Suppliers to financial firms will continue to be lucrative targets for threat actors, as shown by three highly visible incidents in the last two quarters.
- Cross-border attacks will increase: Cyber criminals test their attack in one country before hitting multiple continents and sub-verticals, as shown by a DDoS extortion campaign targeting ~100 financial institutions in months.
"Trying to outpace evolving cyber threats diverts resources from a financial firm's core business," said Steve Silberstein, FS-ISAC CEO. "As the global fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool resources, expertise, and capabilities to manage cyber risks and incident response."
More on the report's methodology here.
The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the only global cyber intelligence sharing community solely focused on financial services. Serving financial institutions and in turn their customers, the organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyber threats. Members represent over $35 trillion in assets under management in more than 70 countries. Headquartered in the United States, the organization has offices in the United Kingdom and Singapore. To learn more, visit www.fsisac.com.