Instead of going after just money, cybercriminals in one survey were shown to also prize sensitive data for espionage, market manipulation.

Through an online survey in February 2022 involving 130 global financial sector CISOs and security leaders from around the world on evolving cybersecurity threats facing financial institutions, respondents indicated they were facing increased destructive attacks and were falling victim to ransomware more than in years past, as sophisticated cybercrime cartels evolve beyond wire transfer fraud to now target market strategies, take over brokerage accounts and island hop into banks.  

Of the participating financial institutions, 41% were headquartered in North America; 29% in Europe, 16% in the Asia Pacific region; 12% in Central and South America, and 2% were based in Africa.

The data showed that found that once cybercriminals had gained access into a financial organization, they were no longer after wire transfers or access to capital as traditionally assumed. Cybercriminals were now seeking non-public market information such as earnings estimates, public offerings, and significant transactions. Some 66% of the financial institutions in the survey had experienced attacks that targeted market strategies—usable for economic espionage and insider trading.  

Additional key findings

According to Tom Kellermann, Head of Cybersecurity Strategy, VMware Inc., which published its findings: “Security has become top-of-mind for business leaders amid rising geopolitical tension, an increase in destructive attacks, and a record-breaking year of Zero Day exploits. Financial institutions now understand that today’s attackers are moving from heist to hijack, from dwell to destruction, and leaving their mark on an extremely vulnerable sector. Collaboration between the cybersecurity community, government entities and the financial sector is paramount to combat these emerging, increasing threats.”

The data showed these trends as follows:

  • 60% of respondents had experienced an increase in island hopping, a 58% increase from last year. 
  • 67% of respondents had observed the manipulation of time stamps, an attack called Chronos. Notably, 44% of Chronos attacks had targeted market positions.
  • 83% of respondents were concerned with the security of cryptocurrency exchanges. Targeting cryptocurrency exchanges allows cybercriminals to immediately and directly turn the crypto funds into cyber cash.
  • Top investment priorities among the respondents included extended detection and response (XDR), workload security, and mobile security.

According to Jeremy Sheridan, former Assistant Director of the US Secret Service: “The persistent, inadequate security of systems connected to the internet provides opportunity and methodology… and  the proliferation of digital money payment systems has created a global, instantaneous, and pseudo-anonymous means to facilitate (cybercriminal) actions… that have facilitated the maturation of a cybercriminal ecosystem that has not been sufficiently suppressed. We see these trends continuing into the future and (cybercriminals) utilizing greater anonymizing techniques such as peer-to-peer networks, privacy coins, encrypted communications, and Dark Net marketplaces to further expand cybercrime capabilities and reach.”