The past year brought on or exacerbated several trends in IT security facing the U.S. financial industry. Going into the third year of this pandemic, the same cyberthreats are expected to continue and potentially escalate if not checked, according to research from Aite-Novarica Group.
IT security is “a difficult and important topic, perhaps the most difficult and exciting issue in the market today,” said John Horn, cybersecurity practice director for Aite-Novarica Group, commenting during a webinar last week on these issues.
Ransomware, DataSecOps, zero-trust architectures and managed security have all evolved in recent months, according to Aite-Novarica Group’s Top 10 Trends in Cybersecurity 2022: Combating Industrialized Cybercrime Attacks.
“We all wish we had a crystal ball,” said Tari Schreider, strategic advisor for Aite-Novarica Group. Financial firms have seen a 1,300% increase in ransomware attacks, according to TrendMicro data cited by Schreider. “When you are facing an army of hackers with nothing better to do, and a strong inclination,” he adds, “it’s hard to compete with that.”
Ransomware in particular is not only becoming a more common attack on large and small U.S. financial institutions, but it has “become the preferred weapon of choice for nation-state cyber aggressors,” he says, adding that many countries have sanctioned or tacitly support these cyberattacks to make money or to potentially damage the reputation of notable U.S. companies.
“They’re waging a war against the U.S.,” Schreider continued.
And the barrier to entry has decreased, as would-be cyber thieves with even limited skills can now buy a “ransomware-as-a-service” kit on the dark web for less than $40, Schreider said. Hence, nation-states and other more powerful cyber-aggressors have flooded the field, as Schreider references Donald Rumsfeld’s oft-cited insight, “Kinetic war is going to give way to the digital battlefield, dropping bombs is less effective than what people can do.”
Source: SC Media