Politically Driven Cyberattacks Disrupting Financial Services Worldwide
The Global finance sector is under constant threats, banks and financial institutions are increasingly targeted by cyberattacks, a trend driven by politically motivated hackers known as 'hacktivists.'
These cyber threats, primarily denial-of-service (DoS) attacks, aim to disrupt the online presence of firms positioned in geopolitical conflict zones. The escalation of such attacks underscores the critical need for robust cybersecurity measures within the financial sector.
Teresa Walsh, the Global Head of Intelligence for the Financial Services Information Sharing and Analysis Center (FS-ISAC), highlights the severity of these attacks, noting that even minimal downtime can significantly damage a bank's reputation.
The FS-ISAC, in collaboration with Akamai Technologies, reported a striking 154% increase in DoS attacks against the financial sector in 2023, with incidents spanning 225 financial firms across 39 countries. This surge in cyberattacks corresponds with geopolitical tensions, notably since the onset of the Russia-Ukraine conflict in 2022.
“Even just being offline for a minute can cause huge reputational risks,” she said.
Hacktivist groups have intensified their cyber operations, using DoS attacks to express opposition to companies based on their political affiliations or statements. The tactic has been employed against a range of targets, including government offices and businesses supporting Ukraine or associated with NATO. The European Parliament and humanitarian organisations in conflict zones like Israel and Gaza have also been victims of such cyber disruptions.
Steve Winterfeld, Akamai's Advisory Chief Information Security Officer, describes the evolving challenge of DoS attacks in terms of their increased speed, scope, and complexity. Financial firms report a trend of attacks targeting multiple online services simultaneously, exacerbating the difficulty of mitigating these threats.
“The speed, the scope, the complexity—all of that really continues to grow at what I would call an aggressive rate,” he said.
The broader implications of cyberattacks on the financial sector have been starkly illustrated by major ransomware incidents, such as the attack on Australian law firm HWL Ebsworth, affecting several banks. The Reserve Bank of Australia has warned of the systemic risks posed by severe cyberattacks, which could lead to financial distress for affected institutions and undermine the economy's stability.
Authorities across major western economies, including the SEC in the United States and the NCSC in the United Kingdom, have emphasised the growing sophistication of cyber adversaries. The financial industry is urged to remain vigilant, continually enhancing cybersecurity defences to protect against a wide array of threats, including sophisticated scams that have already cost Australians more than $367 million in a single year.
One significant breach involved the BlackCat ransomware gang accessing HWL Ebsworth's servers and stealing extensive data. Professor Monica Whitty of Monash University calls for greater transparency and improved cybersecurity measures to protect against such breaches.
In the latter half of the previous year, European financial services firms were disproportionately affected by a surge in cyberattacks, particularly denial-of-service (DDoS) incidents.
According to a report, from June to December, 66% of DDoS attacks monitored by Akamai Technologies were directed at financial institutions within Europe. Meanwhile, in the Americas, financial services companies were the target of 28% of all DDoS attacks among Akamai's clientele. This data underscores that, across both continents, the financial sector was more frequently targeted by DDoS attacks than any other industry.
Teemu Ylhäisi, the Chief Information Security Officer (CISO) at OP Financial Group, one of Finland’s leading banks, observed,
"DDoS attacks are primarily digital protests. Various groups deploy them to convey a message or advocate for a cause, subsequently causing disruptions."
In 2023, the financial services sector in Europe has particularly felt the impact of these cyber threats. OP Financial Group itself reported a staggering 200% increase in DDoS attack attempts over the year, a rise significantly influenced by hacktivist actions amidst the ongoing conflict in Ukraine.
This uptick in cyber threats, including the strategic use of DoS attacks by ransomware groups, underscores the complex cybersecurity landscape facing the financial sector. As Teresa Walsh poignantly observes, the immediate aftermath of an attack often raises concerns about potential concurrent threats, highlighting the need for a proactive and comprehensive approach to cybersecurity in the financial industry.
