Cyber Attacks Grew By 257% Year Over Year – Expert Comments

By ISBuzz Staff, Editorial Team, Information Security Buzz | Nov 29, 2022 11:47 am PST


Akamai researchers saw a 257% year over year increase in API and web application attacks and are reporting that roughly 80 percent of cyberattacks are directed at financial services customers. They found that attacks in the Asia-Pacific and Japan region grew by 449% and primarily resulted in ransomware.

Key findings:

  • Within 24 hours of discovery, new zero days against financial services reach multiple thousands of attacks per hour and peak quickly, leaving little time to patch and react.
  • DDoS attacks against financial services are up 22 percent year over year.
  • A significant increase in Local File Inclusion (LFI) and Cross-Site Scripting (XSS) attacks shows attackers are shifting toward RCE attempts.
  • Phishing campaigns against financial services customers use methods to bypass 2FA.
  • User account takeover attempts represent over 40 percent of attack types, with another 40 percent focusing on website scraping to create more convincing phishing scams.
3 Expert Comments
Nick Rago, Field CTO (InfoSec Expert)
November 30, 2022 7:58 pm

It’s not surprising that the financial services sector represents the vast majority of cyberattacks. Many financial institutions are still in the midst of their digital transformations and deploying their initial generation of API-first architected applications. As a result, API deployment and usage have expanded the attack surface of these institutions and made them a prime target for bad actors.

Because every exposed API is unique in function and business logic, they provide many avenues of opportunity for attackers. Attackers look for APIs with vulnerabilities, such as broken or flawed business logic, to exfiltrate data, take over systems or accounts, or conduct application-level denial of service campaigns. This type of leverage, whether in the form of personal data or account control, creates the foundation for many of the for-ransom schemes that have been playing out in recent months. Many of these schemes have not just targeted the organizations that have built and exposed these APIs with ransom demands, but have also targeted individual consumers that have been compromised as well, as in the case of the recent Optus API security incident. Attackers are now betting on ransom demands being paid by consumers themselves, especially if the information or account being withheld is of value.

Because most organizations, including many prominent financial institutions, rely on more traditional security methods and do not have adequate behavior-based API runtime protection, attackers realize they have the freedom to conduct long reconnaissance, attack and abuse campaigns against exposed APIs while staying under the radar. Finding a single leaky API endpoint can pay big dividends to a would-be attacker.

Last edited 2 months ago by Nick Rago
Timothy Morris, Technology Strategist (InfoSec Expert)
November 29, 2022 7:51 pm

During the holiday season the volume of transactions and interactions between businesses, consumers, and financial institutions will be at a yearly high. If early indications are a predictor, this could be one of the busiest in history. Cybercriminals know this. Tactics will include more savvy scams that can be easy to fall prey to, especially in all the noise. Everyone should have a heightened awareness to prevent becoming a victim.

Things consumers can do:

  • Do not share passwords between financial services applications and websites. Set up multi-factor authentication (MFA). This should be the same for shopping sites as well.
  • Monitor your accounts regularly. Set up text or app notifications with your financial institution.
  • Use virtual cards if your bank or credit card company allows.
  • Update or patch your phone, mobile apps, and computer software.
  • Be leery of any phone call or email that asks for personal information (banking, personally identifiable info). If it is from an email, do not click links; go to the website directly. If a request comes via phone, take down information (who is calling, why, what company, etc.). Hang up and call your financial service institution directly.
Last edited 2 months ago by timothy.morris
George McGregor, VP of Marketing (InfoSec Expert)
November 29, 2022 7:51 pm

These statistics also show the need to give more attention to the mobile apps which are increasingly being used by consumers to access financial services.

Unless specific protections are in place, apps can be inspected, cloned and copied; hackers can use stolen secrets to execute ATO, DDoS and other attacks. There are effective ways to protect mobile apps from abuse and stop these kinds of attacks from getting near the backend systems, and these must be considered as well as traditional back-end security.

Last edited 2 months ago by George McGregor
