Financial firms to experience more cyber attacks in 2022

FS-ISAC new report finds third-party risk, zero-day vulnerability, and ransomware will remain the top cyber threats facing financial institutions in 2022

The rapid digitisation of the financial services sector has led to an increase in global cyber threats in 2021, finds the Financial Services Information Sharing and Analysis Center (FS-ISAC), the only global cyber intelligence sharing community solely focused on financial services.

Announced in its annual Global Intelligence Office report, Navigating Cyber 2022, the company expects that in 2022 third-party risk, zero-day vulnerabilities, and ransomware groups will adapt to the changing cyber environment and continue to increase.  

FS-ISAC members represent over US$35tn in assets under management, with 16,000 users in 65 countries. Headquartered in the United States, the organisation also has offices in the United Kingdom, the Netherlands, and Singapore. 

Defending financial institutions against cyber threats

Several high-profile third-party incidents have impacted the security and availability of products and services used by many financial firms. Many of the major incidents over the past year have elements of all three trends recognised in the report, with third-party suppliers as the attack surface, zero-day vulnerabilities the key infection vector, and ransomware the end threat. 

These high-level trends translate into increased cyber activity for the sector on a daily basis. Member financial firms around the world reported high levels of social engineering such as phishing and business email compromise (the entry point for most attacks), the persistence of some of the most notorious malware strains often used to drop ransomware, and a new level of scale and sophistication.

"As the threat landscape continues to evolve at a rapid pace, cross-border intelligence sharing is critical to help defend financial institutions against cyber threats," said Steven Silberstein, CEO of FS-ISAC. "As the global fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool resources, expertise, and capabilities to better manage cyber risks that the global financial industry faces on a daily basis."

Issuing more financial regulation 

Financial regulators around the world have already begun to issue more stringent guidance on third-party risk management and operational resilience. 

From the US Securities and Exchange Commission to the European Central Bank to the Monetary Authority of Singapore, authorities have signaled they plan to increase cybersecurity compliance obligations such as mandating cyber risk and incident disclosures, shortening notification windows, and holding firms accountable for service providers’ cybersecurity measures. Authorities are getting more involved in information sharing and warnings as geopolitical tensions increasingly play out in the cyber sphere, especially that of critical infrastructure. 

"The macro-level cyber landscape translates into increased cyber threat activity on a daily basis, as cybercriminals are endlessly inventive in how they gain access and leverage to extort victims," said Teresa Walsh, Global Head of Intelligence at FS-ISAC. "Phishing schemes continue to be one of the most popular tactics threat actors use to access networks. In fact, 24% of FS-ISAC member-reported incidents are phishing campaigns targeting employees."


Featured Articles

Capital One's Takeover of Discover: All you Need to Know

Capital One's proposed US$35.3bn acquisition of Discover Financial would bring together two of the largest credit card companies in the US

Sustainability LIVE Net Zero: Sustainable Finance Insights

Financial services and banking executives have the opportunity to hear from the world’s biggest sustainability leaders discussing the future of Net Zero

EPAM: 96% of Consumers Happy With AI in Banking

EPAM Continuum has conducted its 2024 Consumer Banking Report, suggesting that 96% of consumers are happy with banks adopting AI

Bitcoin Reclaims US$1tn Valuation; the Bull Market is Here


COMING SOON: Top 100 Women in FinTech 2024

Digital Payments

FinTech LIVE Dubai: Linoy Kidd, CIO at HSBC

Financial Services (FinServ)