Data extortion ransomware attacks on financial sector up 350 per cent during Covid-19 pandemic
The global Covid-19 pandemic has disrupted the cybersecurity landscape, with ransomware seeing some of the largest pivots in attacker strategy, leaving organisations across sectors – including finance – vulnerable.
Data from the CrowdStrike Intelligence team reveals a surge in ransomware attacks during the pandemic, with data extortion becoming the most used attack method for all sectors – with 1,430 incidents reported globally in 2020.
The financial sector was one of the most targeted by cybercriminals in 2020 during the Covid-19 pandemic at a time when rapid shifts in working practices left organisations vulnerable.
In the first emergency phase of the pandemic in Q2 2020, ransomware attacks on financial organisations using data extortion techniques were up 417 per cent compared to Q1. The sector reported 31 attacks between March and May alone.
By Q4 attacks had eased off, but across the whole of 2020 data extortion incidents were up by an average of 350 per cent compared to pre-pandemic levels in Q1.
Overall, there were 86 attacks on the financial sector recorded in 2020, ranking it in 6th place in the most targeted industries list.
By comparison, the most target sector in 2020 by data extortion ransomware was Industrials & Engineering, recording 229 successful attacks, followed by Manufacturing (228 attacks), Technology (145), Retail (142) and Healthcare (97):
Although the financial sector may not have been hit the hardest, it is reported that the extortative cost of cyber-attacks for this industry is higher than any other. The average annual cost of cybercrime on the financial sector is estimated at USD18.5 million.
Recent data also shows that 82 per cent of financial organisations that have recently reported ransomware attacks, feel techniques have got significantly more sophisticated and attackers’ internal knowledge has improved.
The rapid shift to remote working during the first phase of the pandemic put the financial industry in a vulnerable position which attackers were quick to exploit. As such, 57 per cent of recently surveyed respondents said they believed the severity of cyberattacks was increasing at a time when businesses were being disrupted and tested by pandemic challenges.
It’s clear data extortion has become the most lucrative ransomware method used by cybercriminals worldwide and the Covid-19 pandemic has certainly accelerated this shift.
The data also highlights that financial organisations have become one of the main targets for ransomware attacks, meaning now, more so than ever, organisations need to invest in and strengthen their cybersecurity defences with products including cloud-delivered endpoint protection.
North America recorded the highest levels of ransomware attacks in 2020 using data extortion (947 incidents). This is 177 percent higher than Europe (342 incidents) in second place and 1,313 percent higher than Asia in third place (67 incidents).