The Escalation of Cybercrime

Tom Kellermann

Amid the COVID-19 pandemic, cyberattacks against the financial sector surged by 238%, according to VMware Carbon Black data. Cybercriminals are taking advantage of COVID-19, and are doing so in tandem with the news cycle.

In 2020, cyber defenders have seen a high level of innovation from cybercriminals, who are leveraging new tactics, techniques, and procedures (TTPs) to maintain persistence and counter incident response efforts.

At an alarming rate, transnational organized crime groups are leveraging specialist providers of cybercrime tools and services to conduct a wide range of crimes against financial institutions, including ransomware campaigns, business email compromise (BEC) scams, and access mining.

Criminals are increasingly sharing resources and information and reinvesting illicit profits into the development of newer, more destructive capabilities.

When combined with the steady commercial growth of mobile devices, cloud-based data storage services, and digital payment systems, cybercriminals today have an ever-expanding host of attack vectors to exploit.

According to the Modern Bank Heists Report, 80% of surveyed banks said they’ve seen an increase in cyberattacks over the past 12 months, marking a 13% increase over 2019. And 2020 has offered a glimpse into a new world. 25% of surveyed financial institutions said they were targeted by destructive attacks over the past year.

Destructive attacks are rarely conducted for financial gain. Rather, these attacks are launched to be punitive by destroying data. 33% of surveyed financial institutions said they’ve encountered island hopping, an attack where supply chains and partners are commandeered to target the primary financial institution.

Cybercriminals are evolving in both attack sophistication and organization. The financial sector is the most secure industry in the world but is also being targeted by cybercriminals and nation-states.

We must pay close attention to how we respond to these threat actors and what their ultimate goal is—hijacking your digital transformation efforts via island hopping. Trust and confidence in the safety and soundness of the US financial sector are dependent on intrinsic cybersecurity. The partnership between VMware Carbon Black and Okta represents a new era in cybersecurity where defenders are united to civilize the dark web.

Tom Kellermann
Head of Cybersecurity Strategy

Tom Kellermann is the Chief Cybersecurity Officer for Carbon Black Inc. Prior to joining Carbon Black, Tom was the CEO and founder of Strategic Cyber Ventures. On January 19, 2017, Tom was appointed the Wilson Center’s Global Fellow for Cyber Policy in 2017.

Tom previously held the positions of Chief Cybersecurity Officer for Trend Micro; Vice President of Security for Core Security and Deputy CISO for the World Bank Treasury.