Cyber Thieves Target Financial Institutions

Cyber attacks targeting corporations and financial institutions spiked in 2016, according to the “Internet Security Threat Report (ISTR): Financial Threats Review for 2017” from Symantec. A series of high-value heists targeting Society for Worldwide Interbank Financial Telecommunication customers cost several institutions millions of dollars to cybercriminals and nation state-supported attackers such as the Lazarus Group, according to Symantec.

The report notes that 38 percent of the financial threats detected by Symantec in 2016 were found in large business locations, with the majority of the infection attempts originating as email campaigns. “With more than 1.2 million annual detections, the financial threat space is still 2.5 times bigger than that of ransomware,” according to the report.

Other findings from the 2017 ISTR report include the following:

• 
The 2016 Lazarus attacks represented the first time there was a strong indication of state involvement in financial cybercrime.
• 
Three threat families—Ramnit, Bebloh, and Zeus—were responsible for 86 percent of all financial threat attacks.
• 
The top three countries hit with the most infections were Japan, China, and India.
• 
Financial institutions in the United States were targeted the most, followed by Poland and Japan.
• 
Mobile banking malware targeted at least 170 apps for credential stealing.