BFSI - the prime target for cyberattacks

India's Banking Finance Services and Insurances (BFSI) industry is the prime target of the cyber criminals in the Asian region, a report of CloudSEK says. 7.4% were targeted towards India and 283 cyberattack incidents were recorded globally from January-June 2022 against 469 incidents in 2021.

The report says that the majority of cyber incidents in 2021 and 2022 were focused differently. While 2021 targeted banking entities on a global scale and North America with equal fervour, in 2022, there was a marked shift in interest towards Asia vis a vis North America. Incidents focusing on Europe, South America and the Middle East have also reported an upsurge in 2022.

India has been at the forefront of attacks targeted at the Asian region. 7.4 percent of the targeted attacks in the year 2022 were targeted toward the Indian subcontinent. Whether it was nationalised banks, crypto exchanges or wallets, NBFCs or credit card information leaks, India has emerged to be the newfound hotbed for cyberattacks in Asia. It can be attributed to the growing digitalisation and online banking systems that were catapulted during the pandemic.

The fast-track digitalisation and ubiquitous banking services have accelerated the growth of threats against the banking sector. The unprecedented growth of blockchain and cryptocurrency has further given threat actors access to the sector like never before.

This coupled with newer and evolving phishing mechanisms have given access to targeting the banking industry with new and improved TTPs. The scattered nature of stakeholders also makes the Banking and Finance Industry a risky proposition.

Various types of attacks have been identified; malware-based cyber incidents accounted for about 18 percent of the total attacks recorded against this sector in 2022. Trojans, Ransomware, Botnet, and Info Stealers have been the most popular attack vectors used by cybercriminals to target this industry. Inspired by the ease of implementation of the Business-as-a-Service (BaaS) model, cybercriminals have developed their variant known as Malware-as-a-Service.

Any threats to the banking and finance industry have a cascading effect on the overall economic development of a country. There are sophisticated Tactics, Techniques, and Procedures and mutated attacks are being employed to target the weakest links in the chain. A global wake-up call is the need of the hour to not be the pawn in these organised criminal activities,” CloudSEK researchers said.

Due to the increased sophistication of the strategies and malware used to target this industry, it has become imperative to develop stronger and more responsive preventive measures to protect this sector from any further attacks.

The Banking customers can shield themselves from cyber threats by keeping themselves informed of the ongoing financial scams in the news and practising safety measures such as not sharing OTP and ATM pins with anyone and not clicking on suspicious emails, messages, and links.

S Mohini Ratna, Editor, VARINDIA