Business Daily Media

SME Business News

Cloud-based cyberattacks are on the rise, and targeting the financial services industry

  • Written by Joel Camissar, Regional Director of MVISION Cloud Asia Pacific, McAfee


As the world comes together to overcome the pandemic, cybercriminals are ramping up their activity to take advantage of the new, heavy reliance on technology and in particular, cloud-based applications and programs. According to McAfee’s latest Cloud Adoption and Risk Report: Work From Home Edition, there has been a significant increase in cyberattacks targeting cloud tools like Zoom, WebEx, and Microsoft Teams as many Australian and global organisations make the shift to working from home arrangements. This could evidently be here to stay with almost half of the global workforce expected to work remotely post the pandemic.

 

McAfee’s report found external attacks on cloud services and collaboration tools are seven times higher compared to the start of 2020 which is concerning given overall enterprise adoption of cloud services also spiked by 50 percent, and cloud collaboration tools increased in use by 600 percent.

 

As cybercriminals become more sophisticated and smarter by the day, every industry today is a target. But with the rapidly expanding threat landscape combined with increasing digitisation across the financial services industry, it is no surprise it was one of the hardest hit. It is, therefore, a crucial time for these organisations to be prioritising cloud security. There is never a good time to be complacent about cybersecurity, but especially now, the financial services industry should be proactively working to thwart the new wave of cloud-based attacks born from the pandemic

 

The COVID-19 effect on cybersecurity

 

With the new reality of working from home and increased need for unmanaged devices and cloud-based environments, organisations had to pivot, and in some instances, restructure their internal processes and technology stacks to maintain business continuity for their customers. While these systems may be high-performing in meeting customers’ digital demands, it must also encompass a strong security strategy to thwart cybercriminals targeting vulnerable infrastructures.

 

While industries pivot, so must consumers, and we’ve seen customers become increasingly reliant on their providers’ applications and other digital services to conduct their everyday banking. This has placed increased pressure on banks and fintechs alike to ensure their services are secure, and their customers’ data is protected.

 

The use of cash at shopfronts and checkouts have declined to help minimise the spread of coronavirus, therefore more digital payments for every day, small transactions are taking place for home-delivered food and groceries and online retailers. Further to this, however, the process of taking out a mortgage or refinancing has likely been undertaken digitally. While consumers are becoming more comfortable with major transactions online like these, it could also become a permanent change in the near future. The shifts here brought on by our new reality is putting cybersecurity under the spotlight to protect financial and customer data, as well as online, high-stake transactions.

 

Cloud-based attacks: the implications and risks

 

According to McAfee’s report, the financial services sector increased usage of collaboration services such as Microsoft 365 by 123 percent, while also seeing an increase in the use of business management services such as Salesforce by 61 percent. This is an unsurprising uptick in cloud usage as the financial services industry increasingly relies on cloud services to provide customer-facing digital financial services.

 

As a result, however, sophisticated attackers are emerging with attempts to penetrate the financial organisation to exfiltrate data—and given the rise in remote working, our research shows that it provides a wider attack surface for cloud-based attacks. McAfee found the financial services sector saw a 571 percent increase in cloud threats from January to April 2020.

 

The tactics of these cybercriminals are becomingly increasingly sophisticated, and we found that the IPs monitored were used to attack cloud accounts, as well as other malicious activity—showing the potential reuse of criminal infrastructure for multiple attacks.  

 

Many of the cyberattacks can be attributed to opportunistic threats, where cybercriminals “spray” cloud accounts with access attempts using stolen credentials—and the financial services industry is often targeted by external threat actors given the amount of sensitive data stored. The Asia Pacific region appears to be a key target as McAfee saw 50 percent more threats than the global average.

 

The best way forward for the financial services industry

 

It’s a crucial time for organisations in the financial services industry to adopt a cloud-centric security posture. This will address the need for increased cloud capabilities and combat cloud-native threats that are on the rise, while also providing full visibility and control over a remote workforce.

 

With remote working quickly becoming the new normal as the future of work, networking models are no longer realistic. To cater to this and prepare for possible attacks, organisations must reassess how they will accommodate for unmanaged devices connecting to their cloud services, and create policies that ensure sensitive information is consistently protected in the cloud.

 

Finally, organisations must deploy a unified security platform to extend protection from device to cloud. This will reduce complexity as well as the total cost of ownership, allowing for greater visibility and therefore security effectiveness and responsiveness for both sanctioned and shadow cloud services.

Business Daily Media Business Development

AMI delivers bespoke training scheme to help tourism industry pivot to delivering digital events

The Australian Marketing Institute (AMI) has delivered a bespoke training program to support the tourism industry in strengthening its ability to deliver digital events. Last month, th...

Media Release - avatar Media Release

AWA’s travel survey reveals Australians are ready to start exploring again

Travellers remain optimistic with many still planning holidays for 2020   Anne Wild & Associates (AWA), a leading travel and lifestyle communications agency celebrating 22 years...

Media Release - avatar Media Release

Constant product innovation is critical to finding market fit

The significant impact the COVID-19 pandemic has had on businesses worldwide is undeniable. Businesses in every industry have been forced to reinvent the way they operate, communicate ...

Jack Zhang, co-founder and CEO of Airwallex - avatar Jack Zhang, co-founder and CEO of Airwallex

Tips to Keep Your Business Competitive in Today’s Digital Age

Sydney is known to be a startup hub because of the attractive opportunities for business-minded people and the perks of living in the city. Innovation, in particular, is a massive aspect o...

Emily Stuart - avatar Emily Stuart

Digital Agency



News Company Media Core

Content & Technology Connecting Global Audiences

More Information - Less Opinion