FS-ISAC, an organisation dedicated to bolstering cybersecurity within the global financial framework, has released its Navigating Cyber 2024 report through its Global Intelligence Office.
This document revealed an uptick in cyber threats across the Asia-Pacific (APAC) region, particularly noting an increase in ransomware attacks.
The financial sector, according to the report's 2023 findings, ranked as the fourth highest target for such attacks in the region. It also highlighted a concerning 15% rise in cyber incidents year-over-year, marking an average of nearly 1,963 attacks per week against APAC organisations – a trend expected to persist into 2024, in line with broader global observations.
The report – which follows the release of the FS-ISAC and Akamai Technologies' DDoS: Here to Stay report – elaborated on the increasingly sophisticated methods employed by cyber attackers, including tactics such as social engineering, search engine optimisation (SEO) poisoning, malvertising, and phishing through QR codes. It also pointed to the use of generative artificial intelligence (AI) by these actors to enhance the scope and effectiveness of their campaigns, alongside the potential for the misuse of AI technologies themselves.
Steven Silberstein, CEO of FS-ISAC, highlighted the constant evolution of cyber threats and the consequent need for the financial services industry to adapt its defensive strategies at a pace that matches or exceeds that of cybercriminal tactics.
“Each year, a new set of threats comes to light, requiring the financial services sector's mitigation strategies to advance at an equal if not faster pace than threat actors' tactics,” he said. “As we look ahead to a critical year marked by emerging technology and heightened geopolitical tensions, the best way to maintain the integrity, security, and trust of the sector is through global information sharing.”
The research predicts the introduction of novel threats poised to disrupt the financial services landscape significantly. Among these are an escalation in geopolitical hacktivism, leveraging misinformation campaigns and distributed denial of service (DDoS) attacks amidst geopolitical strife and a year with multiple national elections.
The report also warned of cybercriminals modifying their extortion strategies in response to the rollout of new legislation, the urgency for the financial sector to develop new encryption technologies in anticipation of quantum computing breakthroughs, and the necessity for enhancing the cybersecurity defences of the supply chain.
Teresa Walsh, chief intelligence officer for the EMEA region at FS-ISAC, noted the unceasingly dynamic cyber environment where cybercrime merges with fraud, and new technologies open further avenues for vulnerabilities.
“Threat actors will exploit vulnerabilities in critical infrastructure and will leverage any tool available to destroy trust in the security of our systems,” she said. “The financial services sector operates in a cyber landscape that is endlessly dynamic, as cybercrime and fraud converge, and emerging technologies create additional opportunities for exposure. In order to maintain trust in the sector, companies must prioritise proactive cyber hygiene to ensure operational resilience in the face of an attack.”
Derived from contributions by FS-ISAC's network of member financial institutions across 75 nations and further analysis by its Global Intelligence Office, the Navigating Cyber 2024 report provides a thorough examination of the data collected from January 2023 to January 2024.