The finance and insurance sector proved a top target for cybersecurity threats in 2022. The IBM Security X-Force Threat Intelligence Index 2023 found this sector ranked as the second most attacked, with 18.9% of X-Force incident response cases. If, as Shakespeare tells us, past is prologue, this sector will likely remain a target in 2023. Finance and insurance ranked as the most attacked sector from 2016 to 2020, with the manufacturing sector the most attacked in 2021 and 2022.
What are the Top Threats?
The X-Force threat report found that backdoor attacks in the finance and insurance sector were the most commonly observed action on objective, making up 29% of attacks. In fact, backdoor attacks — the compromise of systems or data by remotely negating or bypassing security measures — were the most common type of attacker action that X-Force incident responders handled. The next top attack types for this sector, both at 11%, were ransomware (code that blocks access to data or systems until money is paid) and maldocs (files, like word processing documents, spreadsheets or PDF documents that execute malicious code when interacted with).
Why do cyber criminals use these types of attacks against the finance and insurance industry? Because they work. These attacks rely on user carelessness and distraction, allowing an attacker to gain an opening. Backdoor compromises often happen as a result of unpatched vulnerabilities or lacking security measures. Ransomware and maldoc attacks happen when a person clicks on a fake link or opens an attachment they shouldn’t. In fact, the report found that in this sector, the top infection vector was spear phishing attachments, used in 53% of attacks. The exploitation of public-facing applications came in second place at 18% of attacks. This is when cr ..
Support the originator by clicking the read the rest link below.
