International. Financial services are among the sectors most affected by cybercrime; whose extreme losses from cyberattacks worldwide have more than quadrupled since 2017, to $2.5 billion in 2023.
Attacks are becoming more sophisticated and rapid, and without full visibility into the technical ecosystem, financial institutions may be leaving backdoors open.
Last year, there were 173 ransomware attacks (both successful and unsuccessful) on financial services institutions in the world; increasing in the last two years, from 43 attacks on average in 2021 to 62 in 2023. While the industry has a reputation for robust security measures, these numbers underscore a critical vulnerability that cannot be overlooked, according to Akamai's "Overcoming Implementation Hurdles to Protect Critical Banking Systems."
Oswaldo Palacios, Senior Account Executive for Akamai, explained that ransomware attackers, who often work in organized groups, such as CL0P — a Russian ransomware gang known for demanding multimillion-dollar payments from victims — leverage compromised assets and then move laterally across the network to detect and exploit other vulnerable assets.
Zero-day vulnerabilities, such as the MOVEit SQL injection vulnerability, allow attackers to access and spread the attack quickly by using automated scripts to encrypt systems, steal data, and demand a ransom. "Any disruption or downtime in financial services has serious consequences, and the sensitive data held by companies in this sector can turn into ground gold, as they often store not only data of individuals, but also of companies," he said.
Financial services institutions in the Asia Pacific (APAC) region have been the target of the highest number of ransomware attacks (73), while the LATAM region has been the least impacted (48), according to Akamai's report. It also revealed that the number of financial services institutions that are continuously updating their cybersecurity strategies or policies has increased from 3% in 2021 to 18% in 2023, not only in response to ransomware attacks but to an ever-changing attack surface.
Geographically dispersed work teams and the migration of applications and data to the cloud are just two factors that
affect the security strategy on a daily basis.
Adoption of Microsegmentation and Zero Trust in Financial Companies
Due to the rise in ransomware attacks, only financial services firms with more advanced segmentation have transformed their defense. Segmentation is an architectural approach that divides a network into smaller segments in order to improve performance and security.
Akamai's 2023 State of Segmentation report found that respondents in the financial services industry agreed that segmentation is important to ensure their organization is secure, and in particular, to address malware: 66% said it is extremely important, and 92% felt it is critical to help thwart malicious attacks.
Oswaldo Palacios highlighted that in recent years, software-defined segmentation has emerged as a more flexible, streamlined, and cost-effective approach to application-level security, which dramatically accelerates deployment, simplifies ongoing maintenance, and is ultimately more effective at mitigating threats.
"After a breach is carried out, recovery based on a segmentation strategy can occur in less than 11 hours. For those companies that have implemented segmentation in six critical areas, it takes four hours on average to completely stop a ransomware attack; and approximately three hours to significantly limit the lateral movement of a ransomware attack," the expert reported.
Financial services institutions aspire to go further and implement micro-segmentation, which protects application workloads at a granular level: 88% said micro-segmentation is at least a high priority, and 39% name it as their top priority. Financial firms in Latin America are most likely to consider it a top priority (50%), while countries in the EMEA region are the least likely (31%).
Segmentation also goes a long way toward an effective Zero Trust framework. In addition, the more business areas a financial services institution segments, the more it will advance its Zero Trust architecture, allowing it to reduce the risk it currently faces and ensure a top-line defense against future threat vectors.
Companies located in Latin America are more likely to declare that their implementation of Zero Trust architecture is fully complete and defined (49%) than countries in APAC (35%) or EMEA (33%). "Financial institutions are adopting the Zero Trust model to address the growing number of ransomware threats, strict compliance regulations, and the challenges of migrating to the cloud," said Oswaldo Palacios.
Finally, the executive asserted that to be competitive financial services companies, their security teams need a Zero Trust network architecture that is capable of protecting enterprise data, regardless of the location of users and devices, while ensuring the fast and optimal operation of applications.
