Business Daily Media

Cloud-based cyberattacks are on the rise, and targeting the financial services industry

  • Written by Joel Camissar, Regional Director of MVISION Cloud Asia Pacific, McAfee

As the world comes together to overcome the pandemic, cybercriminals are ramping up their activity to take advantage of the new, heavy reliance on technology and in particular, cloud-based applications and programs. According to McAfee’s latest Cloud Adoption and Risk Report: Work From Home Edition, there has been a significant increase in cyberattacks targeting cloud tools like Zoom, WebEx, and Microsoft Teams as many Australian and global organisations make the shift to working from home arrangements. This could evidently be here to stay with almost half of the global workforce expected to work remotely post the pandemic.


McAfee’s report found external attacks on cloud services and collaboration tools are seven times higher compared to the start of 2020 which is concerning given overall enterprise adoption of cloud services also spiked by 50 percent, and cloud collaboration tools increased in use by 600 percent.


As cybercriminals become more sophisticated and smarter by the day, every industry today is a target. But with the rapidly expanding threat landscape combined with increasing digitisation across the financial services industry, it is no surprise it was one of the hardest hit. It is, therefore, a crucial time for these organisations to be prioritising cloud security. There is never a good time to be complacent about cybersecurity, but especially now, the financial services industry should be proactively working to thwart the new wave of cloud-based attacks born from the pandemic


The COVID-19 effect on cybersecurity


With the new reality of working from home and increased need for unmanaged devices and cloud-based environments, organisations had to pivot, and in some instances, restructure their internal processes and technology stacks to maintain business continuity for their customers. While these systems may be high-performing in meeting customers’ digital demands, it must also encompass a strong security strategy to thwart cybercriminals targeting vulnerable infrastructures.


While industries pivot, so must consumers, and we’ve seen customers become increasingly reliant on their providers’ applications and other digital services to conduct their everyday banking. This has placed increased pressure on banks and fintechs alike to ensure their services are secure, and their customers’ data is protected.


The use of cash at shopfronts and checkouts have declined to help minimise the spread of coronavirus, therefore more digital payments for every day, small transactions are taking place for home-delivered food and groceries and online retailers. Further to this, however, the process of taking out a mortgage or refinancing has likely been undertaken digitally. While consumers are becoming more comfortable with major transactions online like these, it could also become a permanent change in the near future. The shifts here brought on by our new reality is putting cybersecurity under the spotlight to protect financial and customer data, as well as online, high-stake transactions.


Cloud-based attacks: the implications and risks


According to McAfee’s report, the financial services sector increased usage of collaboration services such as Microsoft 365 by 123 percent, while also seeing an increase in the use of business management services such as Salesforce by 61 percent. This is an unsurprising uptick in cloud usage as the financial services industry increasingly relies on cloud services to provide customer-facing digital financial services.


As a result, however, sophisticated attackers are emerging with attempts to penetrate the financial organisation to exfiltrate data—and given the rise in remote working, our research shows that it provides a wider attack surface for cloud-based attacks. McAfee found the financial services sector saw a 571 percent increase in cloud threats from January to April 2020.


The tactics of these cybercriminals are becomingly increasingly sophisticated, and we found that the IPs monitored were used to attack cloud accounts, as well as other malicious activity—showing the potential reuse of criminal infrastructure for multiple attacks.  


Many of the cyberattacks can be attributed to opportunistic threats, where cybercriminals “spray” cloud accounts with access attempts using stolen credentials—and the financial services industry is often targeted by external threat actors given the amount of sensitive data stored. The Asia Pacific region appears to be a key target as McAfee saw 50 percent more threats than the global average.


The best way forward for the financial services industry


It’s a crucial time for organisations in the financial services industry to adopt a cloud-centric security posture. This will address the need for increased cloud capabilities and combat cloud-native threats that are on the rise, while also providing full visibility and control over a remote workforce.


With remote working quickly becoming the new normal as the future of work, networking models are no longer realistic. To cater to this and prepare for possible attacks, organisations must reassess how they will accommodate for unmanaged devices connecting to their cloud services, and create policies that ensure sensitive information is consistently protected in the cloud.


Finally, organisations must deploy a unified security platform to extend protection from device to cloud. This will reduce complexity as well as the total cost of ownership, allowing for greater visibility and therefore security effectiveness and responsiveness for both sanctioned and shadow cloud services.

Business Reports

YouGov appoint Laura Robbie as CEO of the Asia Pacific region

A world of new opportunities  Market research and data analytics company YouGov is pleased to announce the appointment of Laura Robbie as CEO of the Asia Pacific region.  Miss Robbie previously held the role of Managing Di...

How to Sharpen Your App Development Skills

Mobile application development is a skill that you should take seriously. It's not the easiest task in the world, and it takes more than just technical know-how to be successful. If you want your app to succeed, you have to shar...

The four markers that define Australia’s best-in-class workplaces

What is it that has aided one-third of employers not to experience difficulties with recruitment in the current market, writes Servicely’s founder and CEO Dion Williams. We’re used to living with impatience. The scant few...

3 Tips For Balancing Business And Family

Running a business while also simultaneously being the head of the family can be a stressful challenge to deal with, but so many people out there do it. If you are living this kind of lifestyle and feel like you have too much go...

RBNZ Survey: majority of experts believe inflation has hit its peak

While inflation has likely hit its peak, homeowners should brace for further hikes to their mortgage repayments, according to a new Finder poll.  In this month’s Finder RBNZ Official Cash Rate Survey, 15 experts and econom...

3 Essential SEO Services To Help Grow Your Business

Did you know that 44% of businesses have an SEO strategy? SEO remains a powerful SEO strategy for everyone, from startups to businesses big and small, because the best search results determine who people contact. The digital...

Web Busters - Break into local search