Hometechnology News

India's banking and finance sector most cyber-targeted in the Asian region: Report

India's banking and finance sector most cyber-targeted in the Asian region: Report

India's banking and finance sector most cyber-targeted in the Asian region: Report
Read Time
4 Min(s) Read
Profile image

By Pihu Yadav  Oct 25, 2022 3:50 PM IST (Published)

CloudSEK’s analysis shows the majority of cyber incidents in 2021 and 2022 were focused differently. 2021 targeted banking entities on a global scale and North America with equal fervour.

The Banking Finance Services and Insurances (BFSI) industry is the most lucrative sector for hackers and cyber criminals, according to a recent report. CloudSEK, a cybersecurity platform, recorded 283 incidents in the first six months of 2022 in comparison to 469 incidents in 12 months in 2021.

Recommended Articles

View All

Researchers from CloudSEK said, “Our data reveals that cyberattacks against the BFSI sector have increased manifold. Almost 10 percent of the recorded cyber incidents in the financial year 2021–22 were aimed at this sector with a major paradigm shift in the most targeted region from North America to Asia, Pacific, and Europe.”
India remains most attacked among Asian nations
CloudSEK’s analysis also shows that majority of cyber incidents in 2021 and 2022 were focused differently. While 2021 targeted banking entities on a global scale and North America with equal fervour, in 2022, there was a marked shift in interest towards Asia vis a vis North America. Incidents focusing on Europe, South America and the Middle East have also reported an upsurge in 2022.
While the number of attacks on specific nations fluctuated, India, Brazil, and the United States maintained their positions as the top five countries in the BFSI industry (in 2021 and 2022). The USA recorded twice the number of cyber incidents in the BFSI sector than any other country in both 2021 and 2022.
India has been at the forefront of attacks targeted at the Asian region. 7.4 percent of the targeted attacks in the year 2022 were targeted toward the Indian subcontinent. Whether it was nationalised banks, crypto exchanges or wallets, NBFCs or credit card information leaks, India has emerged to be the newfound hotbed for cyberattacks in Asia. It can be attributed to the growing digitalisation and online banking systems that were catapulted during the pandemic.
“Any threats to the banking and finance industry has a cascading effect on the overall economic development of a country. Not to mention the massive phishing campaigns that can be set in motion with exposed Personal Identifying Information (PII). These sophisticated Tactics, Techniques, and Procedures (TTPs) and mutated attacks are being employed to target the weakest links in the chain. A global wake-up call is the need of the hour to not be the pawn in these organised criminal activities,” CloudSEK researchers said.
Who’s to blame?
Digitalisation and ubiquitous banking services have accelerated the growth of threats against the banking sector. The unprecedented growth of blockchain and cryptocurrency has further given threat actors access to the sector like never before. This coupled with newer and evolving phishing mechanisms have given access to targeting the banking industry with new and improved TTPs. The scattered nature of stakeholders also makes the Banking and Finance Industry a risky proposition.
Threats to this sector can result in significant loss of consumer information and financial resources, not to mention reputational harm to the compromised firm since the public awareness of their vulnerabilities is a deterrent to attracting new clients. In some cases, it can also result in data corruption and operations disruption.
Types of attacks
Data breaches and digital banking threats were the two major types of attacks targeting this sector, with more than 50 percent of the reported cases, in both the years (2021 and 2022), involving the leak or sale of databases, i.e. data breach. About 20 percent of reported events were threats to digital banking, which mostly comprised selling, buying, compromising, and bypassing access to various digital payment systems, banking accounts, and digital wallets (crypto or otherwise). Another major threat, accounting for 15 percent of the reported instances, involved credit card-based threats, indicating threat actors' growing interest in using financial resources to handicap targets.
Malware-based cyber incidents accounted for about 18 percent of the total attacks recorded against this sector in 2022. Trojans, Ransomware, Botnet, and Info Stealers have been the most popular attack vectors used by cybercriminals to target this industry. Inspired by the ease of implementation of the Business-as-a-Service (BaaS) model, cybercriminals have developed their variant known as Malware-as-a-Service (MaaS).
Due to the increased sophistication of the strategies and malware used to target this industry, it has become imperative to develop stronger and more responsive preventive measures to protect this sector from any further attacks.
Mitigation measures
Some measures financial institutions and related government entities can undertake include
- conducting continuous security awareness programs
- enacting strong password policies
- enabling multi-factor authentication
- monitoring logs, and blocking illegitimate IP addresses.
Banking customers can shield themselves from cyber threats by keeping themselves informed of ongoing financial scams in the news and practising safety measures such as not sharing OTP and ATM pins with anyone and not clicking on suspicious emails, messages, and links.
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!

Most Read

Market Movers

View All
Top GainersTop Losers