This week’s Cyber Pulse Mid-Week Briefings cover Australia’s new Cyber Security Bill, rising ransomware claims, Zscaler's AI-driven platform growth, and cyber threats from East Asia, including Chinese influence operations, North Korean tech theft, and costly global data breach claims.
Visa boosts AI fraud detection with Featurespace acquisition, lifting its stock; Experian expands Latin American security by acquiring ClearSale; Booz Allen shares cyber expertise at Singapore International Cyber Week; Torq secures $70M for global growth; SentinelOne and Okta shine in top awards.
With OpenAI’s shift to a $157 billion for-profit model, CEO Sam Altman maintains its mission to "benefit humanity." However, as investors seek high returns and Altman stands to gain equity, doubts arise over who truly benefits from OpenAI’s growth—society or its shareholders?
The Battle Against Politically Motivated Cyber attacks on Banks
Politically driven cyberattacks, particularly DDoS, are rising in the financial sector, with a 154% increase in 2023. Hacktivists target banks in conflict zones, highlighting the urgent need for stronger cybersecurity to protect against these growing threats.
The Global finance sector is under constant threats, banks and financial institutions are increasingly targeted by cyberattacks, a trend driven by politically motivated hackers known as 'hacktivists.'
These cyber threats, primarily denial-of-service (DoS) attacks, aim to disrupt the online presence of firms positioned in geopolitical conflict zones. The escalation of such attacks underscores the critical need for robust cybersecurity measures within the financial sector.
Teresa Walsh, the Global Head of Intelligence for the Financial Services Information Sharing and Analysis Center (FS-ISAC), highlights the severity of these attacks, noting that even minimal downtime can significantly damage a bank's reputation.
The FS-ISAC, in collaboration with Akamai Technologies, reported a striking 154% increase in DoS attacks against the financial sector in 2023, with incidents spanning 225 financial firms across 39 countries. This surge in cyberattacks corresponds with geopolitical tensions, notably since the onset of the Russia-Ukraine conflict in 2022.
“Even just being offline for a minute can cause huge reputational risks,” she said.
Hacktivist groups have intensified their cyber operations, using DoS attacks to express opposition to companies based on their political affiliations or statements. The tactic has been employed against a range of targets, including government offices and businesses supporting Ukraine or associated with NATO. The European Parliament and humanitarian organisations in conflict zones like Israel and Gaza have also been victims of such cyber disruptions.
Steve Winterfeld, Akamai's Advisory Chief Information Security Officer, describes the evolving challenge of DoS attacks in terms of their increased speed, scope, and complexity. Financial firms report a trend of attacks targeting multiple online services simultaneously, exacerbating the difficulty of mitigating these threats.
“The speed, the scope, the complexity—all of that really continues to grow at what I would call an aggressive rate,” he said.
The broader implications of cyberattacks on the financial sector have been starkly illustrated by major ransomware incidents, such as the attack on Australian law firm HWL Ebsworth, affecting several banks. The Reserve Bank of Australia has warned of the systemic risks posed by severe cyberattacks, which could lead to financial distress for affected institutions and undermine the economy's stability.
Authorities across major western economies, including the SEC in the United States and the NCSC in the United Kingdom, have emphasised the growing sophistication of cyber adversaries. The financial industry is urged to remain vigilant, continually enhancing cybersecurity defences to protect against a wide array of threats, including sophisticated scams that have already cost Australians more than $367 million in a single year.
One significant breach involved the BlackCat ransomware gang accessing HWL Ebsworth's servers and stealing extensive data. Professor Monica Whitty of Monash University calls for greater transparency and improved cybersecurity measures to protect against such breaches.
In the latter half of the previous year, European financial services firms were disproportionately affected by a surge in cyberattacks, particularly denial-of-service (DDoS) incidents.
According to a report, from June to December, 66% of DDoS attacks monitored by Akamai Technologies were directed at financial institutions within Europe. Meanwhile, in the Americas, financial services companies were the target of 28% of all DDoS attacks among Akamai's clientele. This data underscores that, across both continents, the financial sector was more frequently targeted by DDoS attacks than any other industry.
Teemu Ylhäisi, the Chief Information Security Officer (CISO) at OP Financial Group, one of Finland’s leading banks, observed,
"DDoS attacks are primarily digital protests. Various groups deploy them to convey a message or advocate for a cause, subsequently causing disruptions."
In 2023, the financial services sector in Europe has particularly felt the impact of these cyber threats. OP Financial Group itself reported a staggering 200% increase in DDoS attack attempts over the year, a rise significantly influenced by hacktivist actions amidst the ongoing conflict in Ukraine.
This uptick in cyber threats, including the strategic use of DoS attacks by ransomware groups, underscores the complex cybersecurity landscape facing the financial sector. As Teresa Walsh poignantly observes, the immediate aftermath of an attack often raises concerns about potential concurrent threats, highlighting the need for a proactive and comprehensive approach to cybersecurity in the financial industry.
Visa boosts AI fraud detection with Featurespace acquisition, lifting its stock; Experian expands Latin American security by acquiring ClearSale; Booz Allen shares cyber expertise at Singapore International Cyber Week; Torq secures $70M for global growth; SentinelOne and Okta shine in top awards.
With OpenAI’s shift to a $157 billion for-profit model, CEO Sam Altman maintains its mission to "benefit humanity." However, as investors seek high returns and Altman stands to gain equity, doubts arise over who truly benefits from OpenAI’s growth—society or its shareholders?
Swiss Post strengthens its digital security with the acquisition of Open Systems, while Second Front Systems and Picus Security secure major funding for expansion. Intezer, EasyDMARC, and RunSafe scale up in cybersecurity, and the UK claims the top spot in CyberTech investment in Europe for H1 2024.
Google is investing $1 billion in Thailand to expand AI and cloud infrastructure, while Meta is setting up manufacturing for its Quest 3S in Vietnam. Both moves position Southeast Asia as a key player in the global AI arms race, with tech giants racing to dominate the region’s digital economy.