Financial firms to experience more cyber attacks in 2022

FS-ISAC new report finds third-party risk, zero-day vulnerability, and ransomware will remain the top cyber threats facing financial institutions in 2022

The rapid digitisation of the financial services sector has led to an increase in global cyber threats in 2021, finds the Financial Services Information Sharing and Analysis Center (FS-ISAC), the only global cyber intelligence sharing community solely focused on financial services.

Announced in its annual Global Intelligence Office report, Navigating Cyber 2022, the company expects that in 2022 third-party risk, zero-day vulnerabilities, and ransomware groups will adapt to the changing cyber environment and continue to increase.  

FS-ISAC members represent over US$35tn in assets under management, with 16,000 users in 65 countries. Headquartered in the United States, the organisation also has offices in the United Kingdom, the Netherlands, and Singapore. 

Defending financial institutions against cyber threats

Several high-profile third-party incidents have impacted the security and availability of products and services used by many financial firms. Many of the major incidents over the past year have elements of all three trends recognised in the report, with third-party suppliers as the attack surface, zero-day vulnerabilities the key infection vector, and ransomware the end threat. 

These high-level trends translate into increased cyber activity for the sector on a daily basis. Member financial firms around the world reported high levels of social engineering such as phishing and business email compromise (the entry point for most attacks), the persistence of some of the most notorious malware strains often used to drop ransomware, and a new level of scale and sophistication.

"As the threat landscape continues to evolve at a rapid pace, cross-border intelligence sharing is critical to help defend financial institutions against cyber threats," said Steven Silberstein, CEO of FS-ISAC. "As the global fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool resources, expertise, and capabilities to better manage cyber risks that the global financial industry faces on a daily basis."

Issuing more financial regulation 

Financial regulators around the world have already begun to issue more stringent guidance on third-party risk management and operational resilience. 

From the US Securities and Exchange Commission to the European Central Bank to the Monetary Authority of Singapore, authorities have signaled they plan to increase cybersecurity compliance obligations such as mandating cyber risk and incident disclosures, shortening notification windows, and holding firms accountable for service providers’ cybersecurity measures. Authorities are getting more involved in information sharing and warnings as geopolitical tensions increasingly play out in the cyber sphere, especially that of critical infrastructure. 

"The macro-level cyber landscape translates into increased cyber threat activity on a daily basis, as cybercriminals are endlessly inventive in how they gain access and leverage to extort victims," said Teresa Walsh, Global Head of Intelligence at FS-ISAC. "Phishing schemes continue to be one of the most popular tactics threat actors use to access networks. In fact, 24% of FS-ISAC member-reported incidents are phishing campaigns targeting employees."


Featured Articles

Why customer loyalty platforms are more like typewriters

Loyalty programmes are like typewriters, Comarch says. You have the tools to create something great, but you still have to put in the hard yards yourself.

Women in Fintech: Annelyse Fournier, COO of PDX Global

We caught up with Annelyse Fournier, the COO of PDX Global to find out why she entered fintech, what inspires her, and how the industry has changed

Women in Fintech: Sasha Pilch of Fin Capital talks assets

Sahsa Pilch , Principal at Fin Capital, is an expert in asset management. She discusses women in fintech, the economic the downturn and emerging trends

Struggling to scale? Fintech decacorns and the downturn


Fintech Trailblazer Nikolay Storonsky, Revolut’s dynamic CEO


How to take your subscription business to the next level

Digital Payments