2021 saw massive ransomware payments across more critical infrastructure than in past years. Though cyber-attacks targeting the financial services sector received less attention-grabbing headlines than IT software and services providers and healthcare organizations, we expect the financial sector to remain a primary target of cyber threat actors.
The pandemic introduced a lot of vulnerabilities and blurred the lines between work and home. A recent survey found that 80% of company executives and leaders expect to let staff work from home at least part-time post-pandemic. In addition, 47% stated that they would let their employees work remotely full time. Cybercriminals are targeting remote workers. Personal devices are easier to hack compared to office hardware. We expect to see this trend increasing as we head into 2022. If anything, the last two years have taught us that there is no going back, only forward.
Employees are demanding more flexibility in their working environments. However, this opens the door for increased vulnerabilities for many industries, such as the financial sector. Many departments (or business units) felt current IT tech stacks were not enabling them to work from home as they needed to, and thus implemented “shadow IT.”
What is Shadow IT?
“Shadow IT” refers to all the devices, software, and services that are used by company staff but are outside the control of IT organizations, typically because they are purchased directly and thus are managed by the business unit. An example of shadow IT is marketing purchasing a SaaS application or service to help conduct market research. Under a certain cost threshold, and with take-it-or-leave-it terms and conditions, a simple credit card and checkbox agreement is all that’s needed to procure many items – not just software but also devices. (In pre-COVID days, a marketing director could purchase a smart speaker for the department, for example.)
According to Gartner, shadow IT accounts for 30 to 40% of IT spending in large enterprises.
Shadow IT poses significant cyber risk because most business units do not consider the cybersecurity impact should the device, application, or service be attacked or breached. Other risks include:
- Increased security gaps
- Social engineering hacks
- Phishing attempts
- Malware injections
In addition, we expect to see more government legislation around cybersecurity policies for organizations in 2022. Even looking a few years further, Gartner predicts that there will be a 30% increase in nation states passing legislation to regulate ransomware payments, fines, and negotiations by the end of 2025, compared to less than 1% in 2021. As vulnerabilities increase for all industries, the financial sector is even more at risk. Financial service organizations face an increasing volume and intensity of cyberthreats. As a sector with sensitive data and critical transactions, the possibility and impact of an attack are high.
For more information, please download our Financial Services Threat Brief. It provides an overview of threats LookingGlass has observed over the past year from our external attack surface management solution and from open-source research and intelligence analysis used to support our customers.
Financial services organizations can use this information to better understand adversary/actor profiles, motivations/objectives, and the types of threats and tactics used by adversaries targeting the sector.