https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

Cyberthreats, regulations mount for financial industry

Cyberthreats, regulations mount for financial industry

  • Written by Robert Lemos / Dark Reading
  • 22nd February 2023

The cybersecurity landscape for financial institutions and finance technology (fintech) has changed dramatically in the past few years, and 2023 will likely be no different.

In 2022, for example, distributed denial-of-service (DDoS) attacks targeting financial firms increased by 22% worldwide, compared to the previous year, according to a joint report published by the Financial Services Information Sharing and Analysis Center (FS-ISAC) and Internet infrastructure firm Akamai. Financial institutions in Europe saw an even greater jump, with 73% more DDoS attacks, the report stated.

While many businesses wave aside DDoS attacks as noise on the Internet, such tactics are increasingly used as a diversion tool, especially with geopolitical tensions running high, as they have since Russia invaded Ukraine, says Teresa Walsh, global head of intelligence at the FS-ISAC.

Financial institutions need to gauge “the potential for DDoS attacks to be used as a decoy for more damaging cyber activities, such as the infiltration of systems and the installation of malware,” she says. “While DDoS attacks themselves tend to not cause large windows of downtime due to a wide array of standard defensive measures available to financial institutions, the same practices are not as readily available for DDoS used as a smokescreen.”

The increase in DDoS attacks is just one area where financial services and fintech firms face an increasing level of threats. Driven by nation-state groups taking sides in the Russia-Ukraine war, ransomware is becoming more destructive, while attacks on financial data are increasingly a problem facing all types of organizations. In addition, attackers are using cybercriminal services — such as access brokers and ransomware-as-a-service — leading to more specialized and sophisticated operations against financial institutions and cryptocurrency services.

Regulations are also changing the cybersecurity landscape for financial firms, which must now — as of May 1, 2022 — disclose cyber incidents within 36 hours to their regulators in the United States, if the incident could impact the US banking system. At the same time, the recent ransomware attack on derivative service provider ION Group and the ongoing popularity of business email compromise (BEC) schemes shows the brittleness of the financial supply chain.

While financial firms have some of the best cybersecurity, attackers continue to find ways to succeed, says Tom Kellermann, senior vice president of cyber strategy at Contrast Security.

“They have invested much more than other industries in cybersecurity, they have the best technologies, and they have some of the very best people in the world,” he says. “But they’re being hunted by the most organized sophisticated cybercrime cartels in the world, coupled with intelligence services from rogue nation states who want to hack the sector — not just for the purposes of economic espionage, but to help offset economic sanctions.”

Geopolitics & Cybercriminal Specialization Spur Changes

Two major forces are changing the overall cybersecurity landscape. Russia’s invasion of Ukraine has led to a parallel cyberwar that, unlike the physical conflict, has spilled outside the boundaries of those two nations. The Russia-Ukraine conflict has led to a greater number of attackers focusing on destructive operations, in addition to stealing funds or deploying ransomware for profit.

More than half (54%) of financial firms interviewed by Contrast Security considered cyberattacks from Russia as the top threat, with a quarter naming North Korea as their top worry.

“The Russians are most concerning to these institutions because Russian cybercrime cartels are far more knowledgeable of, not only the financial sector in terms of how it operates and what is most valuable … but also the interdependencies that exists in the sector,” Kellermann says. “Which is why you’re seeing that surge of attacks against APIs and an increase in island-hopping and watering hole attacks.”

Overall, cyberattacks in the sector have become more sophisticated, with many traditionally standalone attacks now being used as part of more complex operations, with “as-a-service” models replacing some parts of the attack chain. Access brokers have become far more popular, as demonstrated by the growth of the Emotet malware-as-a-service operation, cybersecurity firm Kaspersky said in a list of cyberthreats targeting the financial services industry.

To read the complete article, visit Dark Reading.

 

 

 

 

Tags: Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Funding Interoperability News Policy Public Safety Security Software State & Local Government System Design System Installation System Operation Test & Measurement Tracking, Monitoring & Control Training Partner content

Most Recent


  • Microsoft Outlook vulnerability could be 2023's 'It' bug
    Microsoft recently patched a zero-day vulnerability under active exploit in Microsoft Outlook, identified as CVE-2023-23397, which could enable an attacker to perform a privilege escalation, accessing the victim’s Net-NTLMv2 challenge-response authentication hash and impersonating the user. Now it’s becoming clear that CVE-2023-23397 is dangerous enough to become the most far-reaching bug of the year, security researchers are […]
  • Getting to know the how—and why—of the telecom cloud
    A funny thing happened during the pandemic: The giant cloud hyperscalers burst into the telecom industry. And now it’s time for everyone to get acquainted with them. Why? Well, it seems increasingly inevitable that a certain percentage – ranging from “a little” to “most” – of telecom operators’ network functions are going to run in […]
  • Zipline delivery drone docks, charges by itself
    Zipline has unveiled its new autonomous drone platform, designed to provide accurate everyday delivery to homes in the U.S., including in busy residential areas. Zipline’s previous delivery system worked by parachuting parcels into a specified area. Now the new drone, dubbed Platform 2 or P2 Zip, sends its goods down to customers via a tether […]
  • State and local leaders can alleviate the burden on public-safety personnel by tackling three workforce trends
    Government officials and public safety leaders wear many different hats. They serve as sounding boards for constituent complaints and for new ideas that need vetting. They are change agents charged with improving the lives of citizens and colleagues and are tasked with keeping order. Their most daunting responsibility, however, is keeping members of their community […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • House bill introduced to extend FCC spectrum-auction authority to May
  • This will be the year of the SBOM, for better or for worse
  • Half of apps have high-risk vulnerabilities due to open source
  • AWS deepens product set for public, private networks

Commentary


Updated: How ‘sidelink’ peer-to-peer communications can enhance public-safety operations

  • 1
27th February 2023

NG911 needed to secure our communities and nation

24th February 2023

How 5G is making cities safer, smarter, and more efficient

26th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Zipline delivery drone docks, charges by itself dlvr.it/SlBNWy

20th March 2023
UrgentComm

State and local leaders can alleviate the burden on public-safety personnel by tackling three workforce trends dlvr.it/SlBH89

20th March 2023
UrgentComm

6G is shaping up to disappoint, and the industry can blame itself dlvr.it/Sl918J

20th March 2023
UrgentComm

Change is coming to the network detection and response (NDR) market dlvr.it/Sl4cts

18th March 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.