Cyber Attacks On Finance Becoming More Sophisticated
Cyber attacks on financial companies are more sophisticated than those against other businesses, a likely consequence of the industry's better than average digital security.
An analysis by cybersecurity provider Lastline found that over a 30 day period "the proportion of malware displaying advanced behavior was 20% higher in the financial sector than elsewhere," according to an account on DarkReading.com. These behaviors use techniques to avoid both static and dynamic methods of analysis, remain stealthy and steal credentials, the Lastline report explained.
The reason for the more sophisticated attacks, suggests Lastline is that "the Finance sector’s more effective security requires a more sophisticated threat to successfully breach a company’s defenses."
Overall, reports DarkReading, Lastline found the total number of malicious files sent to financial institutions 47% higher than the global data which was used for comparison. The most common practice by cyber criminals is to use Microsoft Office documents as the delivery vehicle.
Lastline said that of "the latest 100 threat reports that specifically target the finance industry we can see that we have captured a Microsoft Office-based campaign. Various office file extensions comprise 62% of the recent file types with the remaining 38% being Portable Executable Files."
Andy Norton, author of the report and Lastline's director of threat intelligence, told DarkReading, ""The finance industry is facing a more sophisticated threat than is encountered by a wider audience. They need to understand that more stringent security doesn’t make the threat go away; it only changes the nature of the threat."