The annual report of FS-ISAC on cyber threats for financial firms has said the same top three risks, as in 2021, would continue to dominate in 2022 as well, on the back of increasing digitalisation in the financial services sector.
Third-party risk, zero-day vulnerability exploits and ransomware will remain at the forefront of the cyber threats facing financial institutions in 2022.
FS-ISAC is the global cyber intelligence sharing community solely focused on financial services. The FS-ISAC annual global intelligence office report, Navigating Cyber 2022 has revealed that the rapid digitalisation of the financial services sector has led to an increase in global cyber threats in 2021, specifically the acceleration of high-profile cyber attacks targeting third-party suppliers and critical zero-day vulnerabilities. This led FS-ISAC to increase its regional cyber threat levels an unprecedented three times in 2021.
The report that covers inputs from 65 countries found that an increase in cyber threats against global financial services firms in 2021 was driven by attacks targeting third-party suppliers and zero-day vulnerabilities, with mounting ransomware a real problem.
“Many of the major cyber incidents in 2021 have third-party suppliers as the attack surface, zero-day vulnerabilities as the main infection vector and ransomware as the end threat. We see no end to these trends,” said the report.
The FS-ISAC report said it also anticipates an increase in nation-state cyber activity in 2022. FS-ISAC said the scale of cyber threats sparked an ‘unprecedented’ number of changes to regional cyber threat levels last year. The financial services firms reported high levels of phishing and business email compromise as the main entry points for cyber attacks.
Some 23% of FS-ISAC’s member financial services firms said they had been impacted by suppliers who experienced a cyber breach, while 52% said they plan to tighten third-party risk management.
Zero-day vulnerabilities have become a growing trend, FS-ISAC said. This occurs when new software vulnerabilities go unidentified by companies but are picked up by cyber criminals, who then write exploit code to attack their targets or sell the vulnerability for other groups to exploit.
Ransomware groups have been quick to adapt or change tactics. They often close temporarily to avoid increased law enforcement, only to open a few months later under new names. M