Trustwave Financial Services Risk Radar Report 2024

Keypoints

• The typical structure of annual cybersecurity reports from major vendors includes an introduction, sector-specific threat landscape, notable trends, threat actor techniques, and mitigation recommendations, providing stakeholders with a detailed understanding of current risks.
• Key statistics reveal that 65% of ransomware attacks in financial services originated from phishing, with 24% attributed to the ALPHV group, emphasizing the prominence of social engineering tactics among threat actors.
• Notable trends include a rise in insider threats, the mainstream adoption of phishing-as-a-service platforms, and the increasing sophistication of ransomware groups targeting financial institutions across global regions, especially in the US.
• Emerging technology risks from cryptocurrencies and deepfakes are shaping the threat landscape, with malware like Ov3r_Stealer designed to exfiltrate digital wallets and deepfake scams used for fraud and identity impersonation.
• Common attack techniques across stages include phishing for initial access, PowerShell for execution, brute-force password attacks for credential access, and remote services for lateral movement within networks, highlighting areas for targeted defense measures.
• Recurring themes emphasize the importance of proactive security measures such as continuous monitoring, layered defenses, strict access controls, comprehensive employee training, and adherence to evolving regulatory frameworks to mitigate sophisticated cyber threats in financial services.