Financial services in APJ among the most cyberattacked verticals

The Asia-Pacific and Japan (APJ) region is reeling from sophisticated cyberattacks on its financial sector. The surge in web app and API attacks in APJ appears to correlate with the high GDPs of some of the affected countries in the region. A possible reason is the shortage of cybersecurity skills or talent in the region.

A recent Akamai State of the Internet report indicates a severe risk to the financial services sector in the Asia-Pacific and Japan (APJ) region, as attackers ramp up attacks and shift to more sophisticated techniques. In particular, web application and API attacks are increasing at an alarming rate while also growing in complexity.

On April 6, 2022, Indian loans app CashMama reported a data breach, which exposed customer data that was invasively collected and stored.

Also in April, North Korean state-sponsored threat group Lazarus was discovered using ‘Trojanised’ decentralized finance apps to deliver malware in their latest spearphishing campaign.

In December 2021, around 790 banking customers of Singaporean bank OCBC were targeted in a phishing scam that led to losses of at least US$13.7 million.

In July 2021, Japan, Australia, and India were among countries where users of banking applications were being targeted by a botnet campaign dubbed UBEL.

The Akamai report notes that roughly 80% of cyberattackers additionally aim their efforts at customers of financial services to find paths of least resistance for monetary gain.

Top risks in Asia with country breakdown

Financial services in APJ are among the most attacked verticals in several critical areas: web application and API attacks, DDoS, phishing, zero-day exploitation, and botnet activities. Most concerning is the staggering surge in web application and API attacks — a 449% growth in the number of attacks against APJ financial services year-over-year.

High GDP Countries See Web App & API Attacks Surge

The surge in web app and API attacks in APJ seems to correlate with the high GDPs of some of the affected countries in the region. The shortage of cybersecurity skills or talent in the region could potentially be a factor in the increasing number of successful cyberattacks. Knowing what the attackers are focusing on could help organizations and security practitioners in APJ have a better understanding of their risk exposures and prioritize securing potential weaknesses.

Australia, Japan and India are the countries with the highest number of web application and API attacks in the region. A recent report cited Australia and India as the top two countries impacted by Conti ransomware attacks.

Top risks in Asia

“Financial services is one of the most attacked industries when new vulnerabilities are discovered, a favorite target of DDoS attacks and continuously focused on by phishing campaigns, which are aimed at their customers who suffer the brunt of these attacks,” said Steve Winterfeld, Advisory CISO for Akamai.

“Attackers will always find ways to infiltrate your network or impact your customers. Understanding attack surfaces could provide insights into key risks and therefore allow organizations to devise security controls and mitigation plans to better protect customers,” he added.

Attackers Upgrade Techniques

Within 24 hours, exploitation of newly discovered zero-days against financial services reaches multiple thousands of attacks per hour and peaks quickly – affording little time to patch and react.

A significant increase in Local File Inclusion (LFI) and Cross-Site Scripting (XSS) attacks demonstrates how attackers are shifting toward remote code execution attempts that present a larger strain on internal network security.

Phishing campaigns against financial services customers are introducing techniques that bypass two-factor authentication solutions and increase risk for everyday customers.

Customer account takeover attempts represent over 40% of attack types, with another 40% focusing on website scraping, which is used to create more convincing phishing scams.

While cyberattacks pester every industry that attempts digitization, the financial sector is the worst hit. According to the ESET Threat Report T2 2022, the web skimmer known as Magecart constituted three-fourths of all banking malware detections, leaving the rest of the malware strains in the category far behind.

Cryptocurrency threats went down along with the price of bitcoin; however, the previously declining category of Cryptostealers grew by almost 50%.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard.
