Ransomware, Supply Chain, Trojans Drive Cyber Risk for Asia Pacific Financial Firms

Singapore, (16 November, 2021) - FS-ISAC, the only global cyber intelligence sharing community solely focused on financial services, announced today that ransomware and supply chain attacks, as well as a resurgence of banking trojans and distributed denial of service (DDoS) attacks, are the top cybersecurity threats to financial institutions across the Asia Pacific (APAC) region.

2021 has seen a steady rise in cross-border cyber attacks perpetrated by increasingly sophisticated threat actors. Based on FS-ISAC member intelligence sharing, open-source intelligence, and insights from local financial firms and other sources, the Financial Services Information Sharing and Analysis Center’s (FS-ISAC)’s 2021 Cyber Trends and Threats Review sheds light on current strategic trends in financial services and cybersecurity and offers critical insights into the most salient cyber threats facing the APAC financial services industry today. The Review also highlights key guidance for how to prepare for emerging cyber threats in 2022.

"As digitalization of financial services across the Asia Pacific region takes place at record speed, firms should be aware of the accompanying pitfalls and take steps to mitigate them," said Christophe Barel, Managing Director for APAC, FS-ISAC. "In particular, as the region’s digital shift takes place amid organizational challenges and an under-supply of cybersecurity talent, firms may face the risk that digital expansion could outpace their capacity to adequately protect themselves from emergent cyber threats. Safeguarding against these threats will require the collective wisdom of the entire industry, with intelligence sharing as a core pillar."

Current cyber threats are converging with recent trends in financial services such as the wholesale move to cloud, the emergence of new fintech players competing against traditional financial institutions, and mainstream adoption of cryptocurrencies. As financial institutions (FIs) have had to quickly expand their IT infrastructure to stay competitive, some have found that their cybersecurity apparatus has not scaled up at the same pace. According to a 2021 Check Point report, 75% [1] of firms said that the security of their public cloud infrastructure is a serious concern, as many enterprises are still getting to grips with addressing the different security challenges associated with cloud-based solutions. This may be an especially relevant issue in APAC, as many of the region’s banks are going ‘all-in’ in embracing digitalization [2].

The FS-ISAC 2021 Cyber Trends and Threats Review also identified other significant trends facing the region, including the strengthening of regulatory oversight of cyber risk management, organizational challenges to threat response, and an acute cybersecurity talent shortage.

As cybersecurity becomes a board-level issue because of the existential risks cyber attacks can pose, financial firms must re-imagine cybersecurity policies and procedures for a new era where the industry is hyperconnected and cyber threats know no bounds.

“In 2021, third-party risk and ransomware continue to dominate the cyber threat environment, while the resurgent threats of DDoS and trojans have also reared their heads. Sharing intelligence both globally and amongst members in the region can help firms understand not only new and emerging tools, techniques, and procedures used by cyber criminals but also best practices on how to defend against them,” said Barel.

The review contains seven recommendations on how firms can prepare their cyber defenses and manage cyber risk going forward, including:

  1. Protecting data
  2. Patching vulnerabilities
  3. Reinforcing existing defenses
  4. Sharing threat intelligence
  5. Building the muscle memory to respond to attacks through exercises
  6. Strengthening third party risk management
  7. Recruiting and building diverse teams

Download the FS-ISAC 2021 Cyber Trends and Threats Review.


[1] https://www.checkpoint.com/cyber-hub/cyber-security/what-is-cybersecurity/biggest-cyber-security-challenges-in-2021/

[2] https://www.fnarena.com/index.php/2021/09/21/banks-need-to-go-big-on-digital-revolution/



The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the only global cyber intelligence sharing community solely focused on financial services. Serving financial institutions and in turn their customers, the organization leverages its intelligence platform, resiliency resources, and a trusted peer-to-peer network of experts to anticipate, mitigate and respond to cyber threats. Headquartered in the United States, the organization has offices in the United Kingdom and Singapore, and members in more than 70 countries. To learn more, visit www.fsisac.com. For clarity and perspective on the future of finance, data, and cybersecurity from top C-level executives around the world, visit FS-ISAC Insights. To learn more about joining FS-ISAC as a member, visit fsisac.com/membership.

Contacts for Media