720-891-1663

Return to the list of client alerts

Cyber Heists of Financial Institutions on the Rise

While this report specifically addresses financial institutions, it likely applies to other industries equally. For example, attacks on healthcare are on the rise, too (see info here).

This VMWare/Carbon Black report (below) provides these statistics:

  • 80% of the respondents said they saw an increase in attacks over the last 12 months
  • 27% of the attacks targeted healthcare and finance
  • 82% said the attacks have become more sophisticated. That is certainly concerning
  • 64% saw an increase in fraudulent wire transfer attempts

Likely none of this is a surprise to folks, but the report also provided some specific incident preparation/response tips – assume you are going to get hit at some point in time.

  1. Stand up a secondary line of secure communications that support talk, text and file transfer. Assume that corporate email will be (a) compromised and/or (b) monitored by the bad actors.
  2. Assume that the attacker has multiple entry points into your network. If you try and shut down just one, it is like playing the game of whack-a-mole and, more importantly, you just told the attacker that you are onto him or her, causing smart hackers to (a) keep a low profile and (b) create multiple additional re-entry points that might go undetected.
  3. Watch and wait. This is the hardest and one we see all the time when we get called in after a breach. By watching you get to see, maybe, what the hackers are doing. It helps the forensics experts detect, perhaps, what hidden bunkers the attackers have and what re-entry points they may have.
  4. Deploy agents in passive mode. If you must, add passive monitoring devices, but not active devices. Active devices again will tip off the attackers, causing them to hibernate and wait you out.
  5. Deploy honey pots. Honeypots are sensors that attract the hackers but don’t tip them off. It is a good way to get intel on the hackers and to distract them from the real targets. One well known vendor of these is Thinkst and no, we don’t get any money from them.

Things like agents, honeypots and alternate communication schemes should be set up BEFORE an attack – like now!

If you have not already thought about these preparation and response tactics, now would be a time to consider them, given the attacks are not going away any time soon.

A copy of the full report is available here.

Copyright © 2025 CyberCecurity, All rights reserved. Privacy Policy