More destructive cyberattacks target financial institutions
Financial institutions will continue to be the ultimate targets for criminals and threat actors, as a successful attack offers a significant payoff, according to Contrast Security.
Contrast Security has surveyed 35 of the world’s leading financial institutions to better understand their cyber threat landscape and the extent to which they are — or are not — addressing key threats.
64% of financial institutions said their organization had experienced cybersecurity incidents in the past 12 months. Researchers found that 71% of respondents reported zero-day attacks as the key concern to safeguarding applications and APIs, followed by dwell time (43%) and lack of visibility into the application layer (38%).
Financial sector faces surge in zero-day attacks
The overwhelming concern with zero-day attacks aligns with key industry research and trends showing significant increase in zero days being exploited year-over-year. The rise in zero days is largely due to heavy spending from nation states. China and Russia are increasing their efforts to discover and create zero days to infiltrate Western critical infrastructures.
Beyond zero days, close to 43% of respondents said their biggest issue was dwell time. Specifically, they lack the ability to detect attacks targeting applications fast enough. Meanwhile, 38% said their biggest issue in regard to applications was lack of visibility into the application layer. Separately, 52% of survey respondents said their organization was impacted by a supply chain attack in 2024.
“Our research found that the financial sector is facing increasing threats with a noticeable uptick in zero-day and destructive attacks,” said Tom Kellermann, Cybersecurity Advisor for Contrast Security.
“We also uncovered that not only are APIs, cloud environments, and applications the attack vectors of choice, but also, today’s motive has changed. Cybercriminals are no longer going after data. Instead, they’re island hopping, or hijacking an organization’s digital transformation and using that infrastructure to launch attacks against a company’s customers and partners. As tactics and motives evolve, financial institutions need to rethink how they are protecting themselves,” added Kellermann.
Outdated technology puts financial institutions at risk
Financial institutions are further challenged by legacy technology, with 82% overrelying on web application firewalls (WAF) and 61% saying they considered their WAFs to be effective. However, reliance on WAFs alone is inadequate against zero-day exploits and modern application attacks.
In light of all this, it’s no surprise that zero days were the top application-related security concern. In fact, fewer than 25% said they were confident that their current security controls could mitigate such an attack.
Respondents reported a 12.5% increase in destructive cyberattacks, which are launched punitively to destroy data and burn the evidence as part of a counter-incident response. Over two-thirds experienced attacks focused on stealing non-public market information, with cybercriminals using it for insider trading, digital front running, and shorting stock before they dox the stolen, confidential data to the regulators.
Account takeovers, which are characterized by unauthorized individuals taking over someone else’s online bank account, remain an ever-present concern.
When it comes to applications and API threat intelligence, most financial institutions said that pre-production teams (i.e. those heavily involved in application development and security prior to go-live) are the ones receiving this critical intel.
Close to 73% said AppSec teams receive application and API threat intelligence, while 59% said developers and software engineers get this intel. In comparison, only 32% said SOCs get this intel, and just 23% said incident response teams get this intelligence. Regardless of who gets the application and API threat intel, financial institutions are getting much faster at remediating vulnerabilities.