By Scott Jarkoff

The financial services industry, along with the government and telecommunications sectors, frequently finds itself in the crosshairs of nation-state threat actors. These actors are driven by political or nationalistic motivations, which shape their objectives and strategies. For instance, we’ve seen Chinese threat actors align their actions with China’s five-year plan, as well as the Made in China 2025 initiative. Observations by CrowdStrike’s OverWatch threat hunting team reveal a surge of +130% in nation-state intrusions against APJ-based financial services entities in 2022.

Motivations, key targets

Nation-state threat actors target the financial services industry due to the sector’s possession of highly sensitive data, including trade secrets and confidential communications. Moreover, they seek privileged access to industrial systems connected to the internet, expanding their attacks into critical infrastructure such as power plants.

Within Asia, CrowdStrike Intelligence identified vulnerable sectors, including financial, government, technology, and telecommunications. Notably, intrusions by China-nexus adversaries accounted for nearly two-thirds of targeted intrusion activities confirmed in 2022, according to CrowdStrike’s Global Threat Report 2023. China-nexus threat actors primarily focus on foreign intelligence collection rather than disruption. Telecommunications and technology organisations are especially high-priority targets due to ongoing economic espionage campaigns targeting research and development data, proprietary information, and trade secrets.

The defence mechanism

To defend against nation-state cyber threats, financial institutions must adopt a proactive approach. Here are the top five steps to enhance security and safeguard their operations:

Use integrated, comprehensive endpoint protection: Deploy an integrated endpoint protection platform that includes anti-malware, application control, endpoint detection and response (EDR), vulnerability management, device control, and data protection.

Embrace cloud-native security: Leverage cloud-native security solutions that provide comprehensive visibility and protection across diverse environments, including on-premises and cloud infrastructure.

Secure the identity: Prioritise measures such as multi-factor authentication, privileged access management, and user behaviour analytics to detect and prevent unauthorised access.

Focus defensive efforts on adversary behaviours: By monitoring and correlating diverse data sources, such as network traffic, endpoint telemetry and threat intelligence, organisations can identify anomalies associated with malicious activity.

Know your adversary: Invest in threat intelligence programs to make informed decisions, prioritise security investments and enhance cybersecurity posture.

The writer is director, Intelligence Strategy, APJ & META, CrowdStrike