FS-ISAC Report Finds Cybercriminals and Nation-State Actors are Converging, Increasing Cross-Border and Supply Chain Attacks

Recent incidents underscore need for a trusted conduit between financial services and third parties

in French, German, and Dutch

Reston, VA, (30 March, 2021) - FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today the findings of its latest report, which found that wittingly or otherwise, nation-states and cyber criminals are leveraging each other’s tools and tactics, leading to an increase in cross-border attacks targeting financial services suppliers.

The pandemic has accelerated digitization, connectivity, and the sector’s interdependence, as demonstrated by recent supply chain incidents. Increasingly, the financial sector needs a trusted conduit of real-time cyber information between institutions and third-parties.

"FS-ISAC was the logical host for us to brief the financial services sector to reach a critical mass of institutions around the world all at once," said Jonathan Yaron, CEO of Accellion. "This way, we could ensure that the industry received critical and correct information via a trusted source, enabling it to act quickly to mitigate the impact of the incident."

“Organizations properly practicing defense-in-depth with multi-layered controls are still vulnerable to large-scale and even systemic issues through third party suppliers,” said J.R. Manes, Global Head of Cyber Intelligence at HSBC. “The FS-ISAC community provides its members the visibility into emerging threats that could impact customers and business, even when they are not directly exposed. Ensuring and encouraging the sharing of cyber threat intelligence is a vital part of the defense of not only the financial sector, but the whole business ecosystem that runs on top of the Internet.”

FS-ISAC’s report outlines today’s top threats:

  • Convergence of nation-states and cyber criminals: Nation-state actors are leveraging the skills and tools of cyber criminals, either knowingly or not, to enhance their own capabilities.
  • Third-party risk on an upward trend: Suppliers to financial firms will continue to be lucrative targets for threat actors, as shown by three highly visible incidents in the last two quarters.
  • Cross-border attacks will increase: Cyber criminals test their attack in one country before hitting multiple continents and sub-verticals, as shown by a DDoS extortion campaign targeting ~100 financial institutions in months.

“Trying to outpace evolving cyber threats diverts resources from a financial firm’s core business,” said Steve Silberstein, FS-ISAC CEO. “As the global fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool resources, expertise, and capabilities to manage cyber risks and incident response.”

Report Methodology

The Navigating Cyber 2021 report is derived from FS-ISAC’s rigorous threat intelligence monitoring maintained by its intelligence operations team. The intelligence is sourced from FS-ISAC's thousands of member financial firms in more than 70 countries and further augmented by analysis by the Global Intelligence Office. Multiple streams of intelligence were leveraged for the curation of the round-up, which examined data across a one year period from January 2020 to January 2021.

About FS-ISAC

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the only global cyber intelligence sharing community solely focused on financial services. Serving financial institutions and in turn their customers, the organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyber threats. Members represent over $35 trillion in assets under management in more than 70 countries. Headquartered in the United States, the organization has offices in the United Kingdom and Singapore. To learn more, visit www.fsisac.com. To get clarity and perspective on the future of finance, data and cybersecurity from top C-level executives around the world, visit FS-ISAC Insights.

Contacts for Media
media@fsisac.com

                                                                                                   +++