Web application attacks on the financial services industry (FSI) increased 38 per cent between January and June 2021, new data from Imperva Research Labs has revealed.
Cyber criminals were increasingly targeting FSI with distributed denial of service (DDoS) and ransom DDoS attacks to disrupt operations, and using specific web application attacks to steal sensitive data – namely data leakage, remote code execution/remote file inclusion (RCE/RFI) and cross-site scripting (XSS).
The attacks are becoming bigger and more consistent, particularly in Australia, Singapore and broader south-east Asia, according to Stuart Wilson, APAC vice president for financial services at Imperva.
“The sharp increase in attacks is linked to the rapid digital transformation that has taken place throughout COVID.
“The financial services sector has invested significantly to expand their digital products and services to customers.
“At the same time, more and more customers are required to transact online in lieu of face-to-face contact – this digital expansion has created more opportunities for cyber criminals,” Wilson said.
Imperva Research Labs found that the number of requests per second (RPS) in Layer 7 DDoS attacks targeting financial services has tripled since April 2021. DDoS attacks aim to overwhelm server resources by flooding a server with so much traffic, in the form of connection requests, that it is no longer capable of responding. The higher the RPS, the more intense the attack.
In late 2020, Imperva also noted a considerable increase in the number of serious ransom denial of service (RDoS) threats, targeting thousands of large commercial organisations globally including many in financial services.
“The increased reliance on online banking and other financial services means the impact of a DDoS disruption today is greater than it has ever been before. A few seconds of downtime can equate to hundreds of thousands in lost revenue, and have a lasting impact on a brand's digital reputation. This makes it an effective tool for cyber criminals,” Wilson continued.
RDoS campaigns are extortion-based DDoS threats motivated by financial gain. The extortionists often leverage the names of well-known threat actor groups in their extortion emails to demand payment in bitcoin currency to prevent a DDoS attack on the target’s network. In the first six months of 2021, Imperva Research Labs noticed these threats were rising.
Attacks on sensitive data are escalating at an unprecedented rate. In January 2021, Imperva Research Labs reported that more than 870 million records had been compromised – more than the total number of compromised records for all of 2017.
Financial services hold the dubious title of “most-breached sector”, accounting for 35 per cent of all data breaches, with personal data the most common type of data stolen.
“Digital transformation is creating more opportunities for hackers to steal sensitive data,” Wilson said.
“The pace financial organisations are rolling out new technology can see processes and resources stretched. This is when mistakes can happen and vulnerabilities are exploited.
“This, along with stricter data privacy laws, is making sensitive data protection an unprecedented challenge.”
Financial websites are relying more on third-party scripts to provide better services for their customers, but because of the high volume of digital transactions processing financial assets and other sensitive data, these sites are a rich target for client-side attacks. Because these JavaScript services execute on the client side, inside the browser, and communicate directly with the third party, security teams often don’t see this communication happening.
Once credit card details have been stolen, the data may be used immediately by cyber criminals to acquire goods or sold to other criminals for later exploitation. In either case, this poses a serious risk. Consumers and their financial services providers don’t find out until it is too late.
“It isn’t just about speed and velocity of transformation, it’s also about scope, these organisations need to manage dramatically higher volumes and greater complexity of how data is being managed,” Wilson added.
Nastasha is a Journalist at Momentum Media, where she reports extensively across veterans affairs, cyber security and geopolitics in the Indo-Pacific. She is a co-author of a book titled The Stories Women Journalists Tell, published by Penguin Random House. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. Nastasha started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.