By Liran Tzah
In May, Cytegic’s DyTA processed and analyzed hundreds of thousands of data points from multiple sources. Here are some of the top trends we identified for the month:
Since April, the amount of cyber activity worldwide has decreased by 25%, registering a 30% drop in three months. North America is still the most targeted and cyber-active geo-political region in the world, followed by Western Europe and the Middle East. Both Western Europe and the Middle East have reached their lowest cyber activity level Since Q4 2015.
HOWEVER: While overall cyber activity might be dropping, the scale and magnitude of what attacks are occurring attacks have risen dramatically.
We’re seeing a proliferation of advanced attack methods, allowing lower-capability attackers to use higher-scale attack methods to target specific, high-potential individuals (such as CEO’s, engineers, government officials, etc.) as a means to gain access to personal identifiable information, healthcare records and monetary value assets.
An analysis we have conducted on SWIFT attacks and the overall threat landscape for financial institutions shows that since 2015, there has been an increasing trend of financially driven attacks targeting financial transactions and bank account data. Banks and other financial institutions should remain vigilant, as these attacks have a high probability to escalate.
Also – For the first time in two years, monetary value (mainly bank account data) is the most targeted asset in North America, followed by available services to clients. This correlates with our recent analysis of the increasing trend of attacks on the banking industry:
In order to thwart such direct financially – driven attacks targeting financial transactions and monetary value assets, banks and other financial organizations should:
- Strengthen their anti-phishing and social engineering training and awareness among their employees and managers.
- Employ strong network, server and endpoint encryption and hardening.
- Implement advanced network and user anomaly detection tools to identify deviations in behavior of users and transactions.
- Use automated cyber risk assessment and calculation in order to better their resilience.
The May Report can be downloaded here.