QBE highlights growing cyber risks in financial services sector

QBE has published a new white paper titled “Cyber Threats to the Financial Services Industry,” authored by Jack Tolliday, the global threat intelligence specialist at QBE.

This report examines the evolving cyber risks that are increasingly targeting financial services, providing insights to help businesses better understand and mitigate these threats.

Cyber threats becoming more complex

The white paper addresses the rising complexity of cyber threats and aims to offer businesses critical updates to better prepare for these evolving risks. It focuses on key cyber threats, including ransomware attacks, vulnerability exploitation, phishing, and the risks posed by supply chain breaches.

Key findings:

• Ransomware and other extortion-based attacks continue to be significant threats to financial services.
• In 2023, the financial services industry ranked as the fourth most targeted sector globally, with the US experiencing the highest number of attacks.
• The rapid exploitation of zero-day vulnerabilities in widely used software remains a critical concern, as cybercriminals quickly capitalise on these flaws.
• Due to the interconnected nature of financial services, supply chain attacks pose a substantial threat to the industry.
• Phishing and credential harvesting remain pervasive techniques for unauthorised access to financial systems.

The report highlighted that ransomware continues to pose a major risk, despite the financial services industry’s ongoing investments in cybersecurity.

Ransomware-as-a-service (RaaS) is particularly concerning, as it enables cybercriminals to gain access to corporate networks through various methods, such as exploiting software vulnerabilities and phishing attacks.

Ransomware in financial services

In 2023, the financial services sector saw 346 ransomware incidents, making it one of the most targeted industries, following business services, retail, and manufacturing.

A recent report showed a rise in concerns about cyberattacks among organisations in Singapore and Malaysia, with many businesses being compelled to pay ransoms due to inadequate data recovery capabilities and business disruptions.

Attack vectors

The report detailed how cybercriminals are increasingly exploiting external-facing systems, especially those with zero-day vulnerabilities in critical infrastructure like VPN services, email servers, and file transfer applications.

The rise in technical sophistication among organised crime groups has made these vulnerabilities more accessible, raising concerns that such attacks will persist.

Phishing and credential theft

Phishing continues to be a primary method for delivering malware, with attackers constantly evolving their techniques to bypass security defences.

The report also pointed out the increased use of fake websites and search engine optimization (SEO) poisoning, which deceive users into downloading malware, posing a significant risk to financial services organisations.

Supply chain vulnerabilities

Supply chain attacks are identified as a major risk for financial services, with breaches at key suppliers potentially leading to widespread industry disruption.

The future of cyber threats in the financial services sector

The report concluded that, despite the financial services sector’s generally higher investment in cybersecurity, it will likely continue to be a primary target for cybercriminals.

The interconnected nature of the industry means that breaches can cause extensive damage, especially during periods of geopolitical instability. The potential for artificial intelligence (AI) to enhance cybercriminal capabilities is also highlighted, though it has yet to produce undetectable or fundamentally new threats.

The report was released after QBE launched its new cyber insurance policy, designed to enhance cyber resilience for a wide range of clients worldwide.