This week’s Cyber Pulse Mid-Week Briefings cover Australia’s new Cyber Security Bill, rising ransomware claims, Zscaler's AI-driven platform growth, and cyber threats from East Asia, including Chinese influence operations, North Korean tech theft, and costly global data breach claims.
Visa boosts AI fraud detection with Featurespace acquisition, lifting its stock; Experian expands Latin American security by acquiring ClearSale; Booz Allen shares cyber expertise at Singapore International Cyber Week; Torq secures $70M for global growth; SentinelOne and Okta shine in top awards.
With OpenAI’s shift to a $157 billion for-profit model, CEO Sam Altman maintains its mission to "benefit humanity." However, as investors seek high returns and Altman stands to gain equity, doubts arise over who truly benefits from OpenAI’s growth—society or its shareholders?
Banking Industry Prime Target for Cybersecurity Breaches
DDoS attacks on the financial sector, especially in Asia-Pacific, are rising sharply. Banks are the primary targets, with attacks increasing by 154% from 2022 to 2023. Hacktivism and cheap, powerful botnets drive these attacks, posing significant risks to system stability and trust.
Financial sector, especially in Asia-Pacific, faces a sharp rise in DDoS attacks, with banks most affected.
DDoS threats to banks risk system stability and trust due to their online service dependence.
Increased botnet power and hacktivism fuel cheap, effective DDoS attacks from the dark web.
Cyber Offenders Favour DDoS Tactics Against Banking Sector
The escalating menace of Distributed Denial-of-Service (DDoS) attacks has put the financial sector squarely in the crosshairs of cybercriminals.
Highlighted in the FS-ISAC and Akamai Technologies' report "DDoS: Here to Stay," this worrying trend shows no sign of abating, particularly in the Asia-Pacific region where the financial industry is now the third most targeted for cyberattacks, trailing only behind commerce and gaming.
This designation underscores the broad and increasing risk of cyber threats faced by the sector.
A notable uptick in such cyberattacks, chiefly orchestrated by hacktivists and targeting entities in geopolitically sensitive areas, aims to disrupt the essential online services of these institutions.
The reliance on uninterrupted online presence makes these disruptions more than just inconvenient; they pose a significant threat to the stability and trust in financial systems.
Teresa Walsh, the global head of intelligence at the Financial Services Information Sharing and Analysis Center, underscores the gravity of these threats, noting,
"Even just being offline for a minute can cause huge reputational risks."
This statement highlights the high stakes involved in maintaining continuous online service availability.
In a closer look at the Asia-Pacific region, the report reveals that 11% of DDoS attacks were directed at financial services, with banks suffering the majority of these attacks (91%), a figure that significantly outstrips the global average.
From 2022 to 2023, there was a stark 154% rise in DDoS attacks against the sector, with financial services accounting for 35% of all such attacks globally, thereby eclipsing the gaming industry as the most frequently targeted.
This increase in attacks is linked to the proliferation of more powerful botnets and a surge in hacktivism, often propelled by geopolitical strife.
The report stresses the critical need for robust cybersecurity measures to counteract these threats, particularly those launched via cost-effective DDoS-for-hire services found on the dark web.
Moreover, the report documents a notable rise in both the frequency and intensity of DDoS attacks over 2023, with high-profile banking institutions and those with significant brand recognition being particularly vulnerable.
Despite likely having more sophisticated defence mechanisms, the potential for operational disruption, eroding customer trust, and financial losses remains a significant concern.
Experts from FS-ISAC and Akamai provide insights into the shifting dynamics of DDoS threats.
The document highlights some of the most noteworthy security incidents of 2023, including the largest DDoS attacks that Akamai has encountered across the U.S., Europe, and the APAC region. In a standout moment, Akamai successfully neutralised an unprecedented attack in the APAC area, leveraging the expertise of over 225 front-line responders, a targeted defence capability platform, and advanced DDoS mitigation tactics.
Despite the attack's intensity, peaking at 900.1 Gbps and 158.2 Mbps, it resulted in no collateral damage.
In alignment with Akamai's latest State of the Internet (SOTI) reports for the financial services and commerce sectors, the financial industry continues to be the most targeted sector for web application and API attacks in the APJ region, with commerce following closely behind.
Since the June 2023 analysis, the financial sector has seen attacks surge to over 4.5 billion—a significant rise from 3.7 billion, marking an 18% increase.
Furthermore, since our March 2023 assessment, the commerce sector has witnessed attacks escalate from 1.2 billion to 1.9 billion, indicating a substantial 58% increase. The distribution of attacks within sub-verticals has stayed fairly stable (Figure 1).
Steve Winterfeld, Advisory CISO at Akamai, further explains,
"DDoS attackers use a variety of techniques to annoy, harass, and extort companies. These attacks cost little to launch and can do serious damage to a company’s brand."
This collaborative effort highlights the urgent need for the financial sector to prioritise cybersecurity, enhance defences, and comply with evolving regulations to fend off the persistent threat posed by DDoS attacks.
This week’s Cyber Pulse Mid-Week Briefings cover Australia’s new Cyber Security Bill, rising ransomware claims, Zscaler's AI-driven platform growth, and cyber threats from East Asia, including Chinese influence operations, North Korean tech theft, and costly global data breach claims.
Telegram is tightening its policies, sharing user IPs and phone numbers of criminals with authorities. As hybrid warfare blends state-backed hacking with cybercrime, Telegram faces pressure to curb illegal activities exploiting its encryption features.
BlackSuit Ransomware Strikes Again! The notorious hackers behind last year's Dallas attack have rebranded as BlackSuit, now demanding $500 million in ransoms! The FBI and CISA confirm the group's new identity, with aggressive tactics and enhanced methods to pressure victims into paying up.