Skip to main content

Thales and Sekoia release financial cyberthreat report

And it’s a risk they can no longer take. In their financial cyberthreat report, part of their recent teaming arrangement, Thales and Sekoia offer a detailed insight into the cyberthreats to financial activities.

Cyber Threat Intelligence (CTI) is crucially important in this new approach to understanding the threats to organisations. To better protect against attacks, organisations must think ahead, interpret the threats, trends and evolving operating methods of attackers and adapt their detection systems accordingly.

To this end, Thales and Sekoia — recognised players in the fight against cybercrime — have decided to work together, share their sources and combine their knowledge of the risks. As part of their day-to-day collaboration, the two companies have produced a report on financial cyberthreats, providing economic stakeholders with a deep understanding of the threats they face.

Drawing on open-source information and analysis by their respective teams, Thales and Sekoia reveal the following trends in the evolving cyberthreat landscape:

  • New cyberthreats are increasingly being deployed in the financial sector first, and then replicated elsewhere, notably in the geopolitical realm, hence the importance of closely monitoring what’s happening in finance.
  • Attackers targeting financial activities are increasingly well organised, often at an international level. They form structured groups able to conduct sophisticated attacks, typically by acting remotely and simultaneously using malware and through physical contact with the target (e.g. attacks on ATMs).
  • Financial cybercrime isn’t only perpetrated by isolated criminal groups. States may be significantly involved, with varying objectives and modes of attack.
  • Financial cyberattacks use four main vectors:

    * ATMs (automated teller machines) have been targeted increasingly often since 2017, with a sharp rise in the sale on the dark web of malware specifically designed for this type of attack.
    * Smartphones used increasingly for online shopping and banking are targeted by a growing number of malware apps designed to allow the device to be controlled remotely or the SMS-based authentication system to be circumvented.
    * Theft of credit card data is also rising sharply. * No longer limited to small and medium-sized retailers, some of the largest brands are falling victim. This data has monetary value, since it’s resold on the dark web or used directly by hackers for online purchases.
    * Cyberattackers are using the SWIFT interbank transaction network by hacking the networks of financial institutions and issuing fraudulent payment orders.

  • The most striking trend in recent years is threats to supply chains. Hackers are targeting the smaller players to reach the larger ones by attacking the software components (chatbots, development libraries, rating and loyalty functionality, etc.) supplied by subcontractors to e-commerce sites.

To learn more, read the full report: Report on financial sector cyber threats Thales - Sekoia 2019.