‘Modern Bank Heists’ Threat Report from VMware Carbon Black Finds Dramatic Increase in Cyberattacks Against Financial Institutions Amid COVID-19
May 2020 by VMware Carbon Black
VMware, Inc. released the third annual “Modern Bank Heists” report, produced by VMware Carbon Black. The report combines original VMware Carbon Black threat data analysis with annual survey results featuring responses from 25 leading financial institution CISOs.
“Financial institutions have long been targets for cybercrime syndicates,” said Tom Kellermann, head of security strategy, Security Business Unit, VMware. “Over the years, bank heists have escalated to virtual hostage situations where cybercrime groups and nation-states have attempted to commandeer digital transformation efforts. Now, as we address COVID-19’s impact on a global scale, it’s clear attackers are putting financial institutions directly in their crosshairs, according to our data.”
Among the key findings from the report:
Threat Data Analysis
• From the beginning of February to the end of April 2020, attacks targeting the financial sector have grown by 238%, according to VMware Carbon Black threat data.
• Ransomware attacks against the financial sector are up 9x from the beginning of February to the end of April 2020, according to VMware Carbon Black threat data.
• 27% of all cyberattacks to date in 2020 have targeted either the healthcare sector or the financial sector, according to VMware Carbon Black data.
Key Survey Results
• 80% of surveyed financial institutions reported an increase in cyberattacks over the past 12 months, a 13% increase over 2019.
• 82% of surveyed financial institutions said cybercriminals have become more sophisticated over the past 12 months.
• 64% of surveyed financial institutions reported increased attempts of wire fraud transfer over the past 12 months, a 17% increase over 2019.
• 33% of surveyed financial institutions said they’ve encountered an attack leveraging island hopping (an attack where supply chains and partners are commandeered to target the primary financial institution) over the past 12 months.