Cyber Threat Report | January 2020

In this edition of the newsletter, we will cover:

  • Cybersecurity in the Fintech sector
  • The Middle East faces a “cyber pandemic”
  • Threats in the Cryptocurrency world

Cybersecurity in the Fintech sector

The Fintech sector has drastically improved the products and services of the traditional Finance one in the past few years. Financial technology companies enable consumers and businesses to transfer money, manage investments, and access lending and personal financial resources digitally, especially through mobile devices.

Although the traditional Financial sector has always been one of the prime targets for hackers, Fintech is even a better bet for bad actors. Per Alissa Abdullah, SVP of Cybersecurity Technology at Mastercard, after Healthcare, Fintech is the second most frequently attacked industry.

Besides the rapid growth of the sector, underinvestments in cybersecurity along with the unique challenges and risks in the Fintech space, make it highly appealing to the criminal underground.

Research by ImmuniWeb has found that 98% of the top 100 global Fintech startups are vulnerable to major cyberattacks. According to a study by Accenture, few financial companies have invested in their cybersecurity. “Only one third are deploying technologies such as machine learning or AI. Only 24% are using cyber and user behaviour analytics to their advantage, which is a drop from 31% the year before.” 

One of the threat actors in this space is a group known as Evilnum  which  has been targeting financial technology companies since 2018 with an evolving arsenal of phishing and malware. Security researchers have detected campaigns using malicious scans of credit cards, utility bills, ID cards, drivers licenses and other identity verification documents. Emails with links to ZIP archives hosted on Google Drive have also been spotted. Specially crafted Windows shortcut (LNK) files posing as JPG images have been adopted as well to trigger an infection chain for the deployment of a JavaScript-based Trojan. 

But what could Fintech do to increase protection? 

 
Any incremental investment in cybersecurity could have a big impact in the Fintech sector, and there are some clear areas where a Fintech business could reduce its exposure. 

  • Improve cloud security


The financial services industry uses cloud services at many different points in their business operations. Payment gateways, digital wallets, and mobile apps all utilize the cloud to provide security, speed, and scalability to consumers and businesses. 

Adding a cloud data loss prevention (DLP) service can dramatically reduce the risk of data exfiltration — the risk of your data ending up somewhere it doesn’t belong.

  • Increase sector-wide collaboration

It is essential for Fintech companies to participate in developing risk assessments and frameworks for improving cybersecurity. Industry groups such as the Center for Internet Security can provide help and resources to growing Fintech firms. Mastercard works with other financial organizations through the Financial Services Information Sharing and Analysis Center (FSISAC). And the World Economic Forum’s FinTech Cybersecurity Consortium continues to provide research findings for the sector. 

The Middle East faces a “cyber pandemic”.

  • The United Arab Emirates cyber chief warns that the Middle East is facing a “cyber pandemic” as hackers are taking advantage of COVID-related digital adoption.
  • The UAE has seen a 250% rise in cyberattacks this year, with phishing and ransomware incidents increasing in frequency. From an industry perspective, Finance and Healthcare appear to be prime targets.
  • The UAE was the target of “huge attacks” from “activists” after establishing formal ties with Israel, according to Mohamed al-Kuwaiti, head of UAE Government Cyber Security.

Threats for the Cryptocurrency world

  • Money laundering risk

Fintech-driven banks often use cryptocurrencies to carry out financial transactions. As a matter of fact, these cryptocurrencies are an integral part of the Fintech ecosystem. As the cryptocurrency world is not regulated and as Blockchain transactions are very difficult, if not impossible to trace, they are often used for money laundering and even in terrorist funding.

  • Experts foresee crypto cybercrime to rise in 2021

With 2020 being the best year for investments in cryptocurrency, cybersecurity experts warn of a rise in crypto cybercrime. According to blockchain analytics firm CipherTrace, hacks on decentralized finance (DeFi) companies accounted for 21% of the total theft volume in 2020, which is a steep rise from the negligible volumes seen in 2019.

Russian cybersecurity firm Kaspersky has further warned of an increase in Bitcoin theft in 2021. The pandemic may lead some economies and real-world currencies to plummet, which will make Bitcoin theft “a lot more attractive”.

Ransomware gang demands $34 million in Bitcoin from Foxconn

The multinational electronics and technology company was reportedly struck by the DoppelPaymer ransomware on November 29. The malicious party, which claims to have encrypted data related to the victim’s North American operations, has asked for nearly 1,804 Bitcoins (or ~$34.5 million) to provide a decryption mechanism. If the demand has not been met in 3 business days from the infection, the data would be released publicly in chunks.” As of 1:30 PM (GMT) on 10.12.2020, besides the original sample, proof of the cyberattack, nothing else has been released.

Ransomware attacks continue to plague businesses of all sizes. IT security company BlackFog has recorded 28 ransomware attacks in November alone, including against Mattel toy company, Manchester United Football Club, and Baltimore Public Schools.

Paying the ransom may not be the right course. According to Sophos researchers, on average, it costs the attacked companies twice as much to pay the ransom as it does to get the data back by other means.

As always – be vigilant, stay alert, think twice.

AMATAS will continue to monitor this space and deliver salient information regularly. Stay tuned for our next report and if you are interested in any of our privacy and cybersecurity services, please do reach out through our website www.amatas.com or by e-mailing office@amatas.com.

SOURCES

Amatas, Cyware, The Hacker News, The Daily Swig, Securify, Dark Reading, Toolbox, Menlo Security, Microsoft, Rapid7, Info Security Magazine, CPO Magazine, Creative Commons, Finovate, Statista, Decrypt, Livemint, CNBC

Related Articles

Scroll to Top