Cybersecurity is a constant priority in financial services and cyber attackers are constantly evolving. What have been the main issues with cybersecurity in 2024?
What are the main cybersecurity trends of 2024?
Piers Wilson, Head of Product Management at Huntsman Security (PW): There are a few that are notable, one is AI. This seems to have three dimensions as far as cyber security goes. One (and this is far from new, more like a decade in the brewing) is using AI to detect changes and activity in networks and systems to detect attack. We’ve been doing this for a while, and it’s fairly mature, but obviously has a slightly newer level of attention. The second is using AI to aid the security operators in understanding or dealing with incidents. It’s not quite a paperclip, “It looks like you are trying to diagnose a security incident, would you like some help?”, but more like enabling easier search and access to knowledgebases, other experts and sources to help diagnose a threat using AI.
Lastly, and this is one of the most worrying, is its use to craft better and more convincing phishing emails, possibly even tailoring them for specific companies or people. Like asking ChatGPT to “write an email that would be most likely to get a member of the development team to click on a link…” as well as using AI to find other targets and ways to attack.
The other big one is operational resilience, this puts new (regulatory) pressure on organisations, specifically the FS, with policy statements from the FCA and security checklists from the BoE that mean financial service providers need to better understand their critical processes, the systems they rely on, the dependencies these have and the third parties that are part of the supply chain.
The OpRes agenda requires not just appropriate protective cyber security controls, but also a need to have thought about prevention, containment/mitigation, response and recovery – it’s about surviving incidents when they do occur as much as stopping them occurring.
Alex Holland, Senior Malware Analyst in the HP Wolf Security threat research team, at HP Inc (AH): Threat actors are increasingly employing a wide range of techniques to prevent campaigns being detected by security tools – with new evasion methods enabling attackers to infect computers under the radar appearing every day.
For example, cybercriminals changed the way Raspberry Robin is spreading. Threat actors have shifted to using highly obfuscated Windows Script Files (.wsf) with a range of anti-analysis and virtual machine detection techniques. This has made Raspberry Robin much harder to spot, triage, and protect against. In fact, currently the Windows Script loader is poorly detected by anti-virus scanners on VirusTotal, and some samples are not being detected at all. Additionally, a recent DarkGate PDF campaign evaded detection by proxying links through advertising networks. Each malicious link was obfuscated behind an advertising link, which helped the cybercriminals operating DarkGate to evade detection and even capture analytics about victims.
How can private banks and financial institutions combat the ever evolving threat of cyber criminals?
PW: The guidance on resilience, and this is seen again and again, can be helpful here. Survivability is key. So, consider prevention of cyber security incidents, how to contain them and limit the impact (or blast radius), then being able to respond – practiced and capable incident handling processes – and then recovery. Getting systems and functions back online and services restored quickly.
Within each of these “pillars” does of course lie a number of processes, controls, checks and safeguards. Getting visibility and having more effective oversight of the controls is also key. An annual “cyber security review” is not enough, the pace is way too quick for that. You need good, accurate real time risk information that can drive the operational work of technical teams as well as give the board a continuously refreshed picture of the risk landscape.
AH: Organisations must start building a more collaborative security culture as they settle into the future of hybrid work. But even so, they must prepare for the reality that most users will eventually click on something they shouldn’t.
As attacks against users increase, having security baked into people’s PCs from the hardware up – so they can easily prevent, detect, and recover from attacks – will be essential. Today, email is still the most common attack vector, particularly for opportunists like cyber hustlers. Isolating risky activities is an effective way of eliminating entire classes of threats without relying on detection. Threat containment technology ensures that if a user opens a link or attachment and something nasty comes through, the malware can’t infect anything. This way financial services organisations can reduce their attack surface and protect employees without hindering their workflows.
Who are cyber criminals targeting more than others?
PW: These days it’s almost anyone. The big difference in the last few years has been the geopolitical angle. Whereas it might just have been large enterprises and banks with a financial motive, now it’s critical infrastructure and any business that could have a disruptive effect on society.
AH: Home users or remote workers often get caught in the firing line, as they are easier to compromise than the enterprise. Cybercriminals can use simpler techniques, like scams and phishing – potentially capitalising on the economic downturn by offering people fast ways to make money, like cryptocurrency and investment scams. The interconnected nature of the cybercrime gig economy means threat actors can easily monetise attacks. And if they strike gold and compromise a corporate device, they can also sell that access to bigger players, like ransomware gangs. This all feeds into the cybercrime engine, giving organised groups even more reach.
What is the biggest hurdle in tackling cyber crime?
PW: Speed and bandwidth. The example of cyber security audits above is a good one. Checking controls annually is of little use, but doing that more often could be expensive if using manual/traditional processes. There’s a need to utilise technology better to free up the precious time of scarce security resources to work on finding and dealing with vulnerabilities and threats, not just endlessly reporting on controls, fielding audits and responding to questionnaires. As businesses more generally have undergone digital transformation, so too must cyber security operations and audit processes.
AH: In recent years we’ve seen the rise of the cybercrime gig economy, where the shift to platform-based business models has made cybercrime easier, cheaper and more profitable. Cybercrime tools and mentoring services are readily available at low costs, enticing cyber hustlers – opportunists with relatively low levels of technical skill – to access what they need to turn a profit. As we face another global downturn, easy access to cybercrime tools and know-how could increase the number of attacks we see – especially attacks against home users by opportunistic attackers.