Third annual report details how financial CISOs are battling ransomware, wire fraud transfer, island hopping, destructive attacks, and counter incident response
Reading, UK – 14th May 2020 - VMware, Inc. (NYSE: VMW), a leading innovator in enterprise software, today released the third annual “Modern Bank Heists” report, produced by VMware Carbon Black. The report combines original VMware Carbon Black threat data analysis with annual survey results featuring responses from 25 leading financial institution CISOs.
“Financial institutions have long been targets for cybercrime syndicates,” said Tom Kellermann, head of security strategy, Security Business Unit, VMware. “Over the years, bank heists have escalated to virtual hostage situations where cybercrime groups and nation-states have attempted to commandeer digital transformation efforts. Now, as we address COVID-19’s impact on a global scale, it’s clear attackers are putting financial institutions directly in their crosshairs, according to our data.”
Among the key findings from the report:
Threat Data Analysis
- From the beginning of February to the end of April 2020, attacks targeting the financial sector have grown by 238%, according to VMware Carbon Black threat data.
- Ransomware attacks against the financial sector are up 9x from the beginning of February to the end of April 2020, according to VMware Carbon Black threat data.
- 27% of all cyberattacks to date in 2020 have targeted either the healthcare sector or the financial sector, according to VMware Carbon Black data.
Key Survey Results
- 80% of surveyed financial institutions reported an increase in cyberattacks over the past 12 months, a 13% increase over 2019.
- 82% of surveyed financial institutions said cybercriminals have become more sophisticated over the past 12 months.
- 64% of surveyed financial institutions reported increased attempts of wire fraud transfer over the past 12 months, a 17% increase over 2019.
33% of surveyed financial institutions said they’ve encountered an attack leveraging island hopping (an attack where supply chains and partners are commandeered to target the primary financial institution) over the past 12 months.
The full report, available for download here: https://www.carbonblack.com/resource/modern-bank-heists-3-0/, takes a look at some of the key attack types financial institutions are encountering; how modern cybercriminals are evolving; what tactics, techniques and procedures (TTPs) are emerging; and how defenders can keep pace.
Click here to download the report: https://www.carbonblack.com/resource/modern-bank-heists-3-0/
Day two of Connect 2020, VMware’s annual cybersecurity conference, kicks off today at 4pm BST. There’s still time to register here: https://na.eventscloud.com/ereg/index.php?eventid=471999&
On 13th May, VMware announced its intent to acquire Octarine, which will bring intrinsic security to containerised applications running in Kubernetes and build security capabilities into the fabric of the existing IT and DevOps ecosystems. The company also announced the creation of a Next-Gen SOC Alliance featuring industry-leading SIEM/SOAR vendors Splunk, IBM Security, Google Cloud’s Chronicle, Exabeam, and Sumo Logic
VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernisation, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit https://www.vmware.com/company.html
VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.