Cyber criminals launch 3.5bn hacks on banks

Cyber criminals launched 3.5 billion attempted attacks on the financial services sector over a six-month period.

Data from US cloud and digital services provider Akamai found that half of all unique organisations impacted by observed phishing domains were from the financial services sector.

The report showed that, in addition to unique phishing attempts, hackers used credential stuffing, which weaponises stolen login details and passwords to access accounts via large-scale automated login requests, to launch 3.5 billion attacks on financial services institutions.

The report, which collated data gathered in the six months between 2 December 2018 and 4 May 2019, identified nearly 197,524 phishing domains, two thirds of which targeted consumers directly.

Considering only the phishing domains that targeted consumers, half of the targeted companies were in the financial services industry.

The report also highlighted that among the most popular methods commonly employed by hackers are ‘bank drops’ – packages of customer data such as account and personal details that can be used to fraudulently open accounts at a given financial institution. Secure access to the fraudulent accounts comes via remote desktop servers, which are matched to the geographic location of the bank and the details involved in the bank drop.

Akamai also revealed that 94 per cent of observed attacks against the financial services sector came from one of four methods: SQL injection, local file inclusion, cross-site scripting and OGNL Java injection – which accounted for more than eight million attempts during this reporting period.

The financial services industry has also seen criminals start to launch distributed denial of service (DDoS) attacks as a distraction to conduct credential stuffing attacks or to exploit a web-based vulnerability. Over the course of 18 months, Akamai uncovered more than 800 DDoS attacks against the financial services industry.

Martin McKeay, security researcher at Akamai, said: “We’ve seen a steady rise in credential stuffing attacks over the past year, fed in part by a growth in phishing attacks against consumers.

“Criminals supplement existing stolen credential data through phishing, and then one way they make money is by hijacking accounts or reselling the lists they create – we’re seeing a whole economy developing to target financial services organisations and their consumers.”

The report’s authors argued that the criminal economy in data theft thrives, in part, because hackers target the financial services industry. By targeting banks, criminals attempt to steal sensitive data, then turn around and use that same data to open fake accounts and lines of credit, creating a continuous cycle of crime.

“Attackers are targeting financial services organisations at their weak points: the consumer, web applications and availability, because that’s what works,” said McKeay.

“Businesses are becoming better at detecting and defending against these attacks, but point defenses are bound to fail,” he added. “It requires being able to detect, analyse, and defend against an intelligent criminal who’s using multiple different types of tools for a business to protect its customers.”
