Cyber threats faced by the financial sector

May 2016 Editor's Choice, Information Security

Cyber threats can be broadly categorised as either a computer network attack (CNA), aiming for the disruption, degradation or destruction of information and systems; or computer network exploitation (CNE), which focuses on accessing, stealing and exploiting information. Unfortunately, both are regularly used against the financial sector. When it comes to who is behind these attacks, they come from all corners of the web, from a lone hacktivist to a full-blown state-sponsored attack.

To get a grip on the question of what are the cyber threats faced by the financial sector, we need to explore who the potential attackers are, what they’re after and what their motives are.

Who is attacking?

MWR’s research has uncovered six different types of threat actor, each with their own methods, context and incentives, but all similar in that they are a real and very serious threat to financial institutions the world over:

Nation States – Nation states have many reasons to attack the financial sector, such as aspirations to boost their own financial centres through stolen software and data or to derail the systems of another states for political ends.

Terrorists – Terrorists are increasingly using cyber means to reach their goals – Al-Qaeda has called for e-jihad in the past while ISIS are attempting to recruit hackers through social media.

Hacktivists – Hacktivists’ political motives vary, but all use cyber attacks to express opposition to institutions and policy.

Well-placed individuals – Current or former employees with insight into systems and information, or contractors managing IT, could inflict high-impact damage.

Organised crime – A major source of financially-incentivised cyber attacks, organised crime is actively pursuing the low-risk yet high yield potential of cyber crime.

Competitors – Competitors engage in cyber operations motivated by economic advantage, either directly through in-house capability, or more often through intermediary actors such as criminal hackers for hire, or nation states supporting their industry.

How will they attack?

Cyber attacks can be highly specialised and bespoke, however, the majority of hostile actors opt simply for the most time- and cost-effective methods of compromise:

Computer network attack – The most common CNA is a distributed denial-of-service (DDoS) attack, which involves overwhelming online and Internet-connected services with large volumes of traffic, thus compromising availability. The attack stems from varied, often geographically disparate sources, usually compromised computers. This provides both a force multiplier and a veil to obscure the attacker’s identity; it could even implicate an innocent party.

Computer network exploitation – Social engineering is a common aspect of CNE, whereby sophisticated attackers use highly targeted phishing attacks as opposed to attacks where emails are sent to thousands of random users. Spear phishing is extremely effective, as specific details relating to the recipient’s work or personal life might be included, making the email far more believable. Alternatively, the attacker might use watering holes, where websites regularly visited by targeted individuals are compromised and infected with malware for the targets to unwittingly download.

Here’s a list of five key conditions that, together, will help financial organisations defend against attacks:

1. A good understanding of the motives of the attacking groups likely to target them.

2. Undertake an extensive programme to identify information assets.

3. Instigate an extensive project that identifies all the attack paths connected to these assets.

4. Justify the cost of removing these attack paths, and/or consolidating the assets to reduce the attack surface area.

5. Augment their attack monitoring and response, so that attacks can be efficiently curtailed in the early phases.

Organisations need to be aware of the various threats that face them, and accept that their part in society places them in the firing line. An up-to-date threat picture and a risk management strategy that is flexible to this dynamic risk are essential.

For more information, contact MWR South Africa, +27 (0)10 100 3159, [email protected], www.mwrinfosecurity.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

South African fire standards in a nutshell
Fire & Safety Editor's Choice Training & Education
The importance of compliant fire detection systems and proper fire protection cannot be overstated, especially for businesses. Statistics reveal that 44% of businesses fail to reopen after a fire.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
LidarVision for substation security
Fire & Safety Government and Parastatal (Industry) Editor's Choice
EG.D supplies electricity to 2,7 million people in the southern regions of the Czech Republic, on the borders of Austria and Germany. The company operates and maintains infrastructure, including power lines and high-voltage transformer substations.

Read more...
Standards for fire detection
Fire & Safety Associations Editor's Choice
In previous articles in the series on fire standards, Nick Collins discussed SANS 10400-T and SANS 10139. In this editorial, he continues with SANS 322 – Fire Detection and Alarm Systems for Hospitals.

Read more...
Wildfires: a growing global threat
Editor's Choice Fire & Safety
Regulatory challenges and litigation related to wildfire liabilities are on the rise, necessitating robust risk management strategies and well-documented wildfire management plans. Technological innovations are enhancing detection and suppression capabilities.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...
Corporate and academic teams can register for Kaspersky contest
Kaspersky News & Events Information Security
Kaspersky has announced the registration opening for its new Kaspersky{CTF} (Capture the Flag) competition, inviting academic and corporate teams from around the globe to compete in a battle of skill, strategy and innovation.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.