As per the latest United Kingdom government survey, the global financial survey holds the most amount of customers’ personal data. Another Bank of England study cited some 37% of its survey participants expressing fears about cyber attackers targeting the digital banking sector.
This is not the first time United Kingdom authorities are raising concerns about data theft in the banking sector. The country’s National Cyber Security Centre has repeatedly raised the same concern in its previous reports.
While cybercrime operators are evolving quicker in terms of their tolls and skill sets, it is taking the shape of a sophisticated industry.
While specialized hackers called “initial access brokers”, launch the first wave of attacks and the sale of the stolen customers’ data to the ransomware groups, the criminal groups then come into play, blackmailing their victims.
In fact, these darknet sites are offering an “as-a-service” mechanism, allowing their criminal network to get bigger with the participation of more cyber threat actors. The “initial access brokers” are also participating in double extortion practices against their victims (one each for stopping the stolen information from getting encrypted and distributed). They are also launching DDoS attacks against banking organizations, contacting the customers and business partners, apart from defacing the bank’s websites with a ransom note, damaging the organization both on financial and brand fronts.
IT security firm Trend Micro did a survey among the global financial and IT businesses, where around 79% agreed about the banking sector being a soft target for darknet operators. Another 87% believed concurred with the view. Around 72% of global financial companies got affected by ransomware attacks since 2019. Most of these attacks saw stolen data getting encrypted and then leaked. Some 92% of these banks saw their operations getting impacted, causing them immense monetary damages and hurting their digital transformation projects.