Better Than Nothing: Financial Market Institutions Improve Cyber Security, But Still At Risk

Swift’s BAE Systems has recently released their study of the future of Financial Markets in the wake of cyber attacks, especially malware infestation and cryptocurrency mining malware. It was clear that the cryptocurrency exchange market had been a favorite target due to various flaws with the platforms they are using, and this is definitely not unique and can happen to any industry, like the financial sector.

“The cyber threat facing the financial sector has never been greater. From banking trojans affecting individual customers, through systemic threats posed to availability and integrity by ransomware, to targeted attacks from Advanced Persistent Threat (APT) groups, the landscape is evolving on a daily basis,” said BAE Systems in their official blog.

The silver lining in the study is the financial market’s increasing understanding of the risks involved with the evolution of computer systems. However, the readiness of each financial-market player is a whole different question that needs to be answered.

The chart above shows a rough history of trojan horses and other malware which targeted financial institutions. The bottom line is automated attacks like malware are no longer the primary channel to targeting financial companies, but rather something related to state actors. One of which was the Lazarus group, which is connected with the North Korean regime, an elite state-run hacking group maintained by the Kim dynasty.

“Market Participants were generally found to be subject to higher threat and greater susceptibility, particularly in securities, banking and payments and trade finance. The differing cyber maturity of Participants, together with higher numbers of interactions and higher numbers of complex interactions and processes, gives more opportunities for cyber threats to exploit.  Participants can interact with multiple markets and multiple operations. Interactions, while important, are only one aspect of what they do. This means there is potentially less focus, expertise and resource on the cyber threat as Participants can’t focus everywhere, all of the time. A complex set of ecosystems, as well as manual and automated hybrid processes between Participants, feed into interactions with markets. This generates inherent trust and reliance on the systems and processes that provide ample opportunities for APT groups to exploit,” explained the Bae System blog.

In contrast companies in the Financial market are focusing on answering the challenges in the market practices, automation disruption due to increasing competition. Cybersecurity risk is a game of the low hanging fruit, the lower the defenses, the easier for a financial entity of becoming the next target. The solution is intensified cybersecurity defense spending, as this is not just a cost center, but also an investment for the future.

“In the near term, we believe the cyber threat is highest in the securities markets, particularly to its Participants. This is due to the large numbers of Participants and infrastructures in that market, the complexities of their interactions, and inherent characteristics such as long chains of custody, unstructured communications, and trusted practices – all of which combine to provide opportunities for APT groups to exploit. The threat to Participants in the banking and payments market remains near term as it provides more direct cash out opportunities, but cyber risks are better understood in this area and SWIFT’s CSP has also helped improve their defenses. Trade finance participants, meanwhile, are subject to a near-term cyber threat but less so than other near-term targets due to the potentially lower returns for the attacker,” concluded the blog.