PR94921

RESTON, Va., Mar. 11, 2022 /PRNewswire=KYODO JBN/--

-- Third-party risk, zero-day vulnerability exploits, and ransomware will

   remain at the forefront of the cyber threats facing financial institutions

   in 2022

FS-ISAC (

https://c212.net/c/link/?t=0&l=en&o=3467853-1&h=76173043&u=https%3A%2F%2Fwww.fsisac.com%2F&a=FS-ISAC

), the only global cyber intelligence sharing community solely focused

on financial services, today announced the findings of its annual Global

Intelligence Office report, Navigating Cyber 2022 (

https://c212.net/c/link/?t=0&l=en&o=3467853-1&h=4182962358&u=https%3A%2F%2Fwww.fsisac.com%2Fnavigatingcyber2022-report%3Futm_campaign%3D2022-GIOReport%26utm_source%3Dmedia%26utm_medium%3DPressRelease&a=Navigating+Cyber+2022

). The report found that the rapid digitization of the financial services

sector has led to an increase in global cyber threats in 2021, specifically the

acceleration of high-profile cyber-attacks targeting third-party suppliers and

critical zero-day vulnerabilities. This led FS-ISAC to increase its Regional

Cyber Threat Levels an unprecedented three times in 2021.

Looking ahead to 2022, FS-ISAC expects the trifecta of third-party risk, the

growth in zero-day vulnerabilities as an attack vector, and the ability of

ransomware groups to adapt despite increased scrutiny by law enforcement to

complicate an already challenging cyber threat environment.

"As the threat landscape continues to evolve at a rapid pace, cross-border

intelligence sharing is critical to help defend financial institutions against

cyber threats," said Steven Silberstein, CEO of FS-ISAC. "As the global

fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool

resources, expertise, and capabilities to better manage cyber risks that the

global financial industry faces on a daily basis."

The report outlined top threats to the industry in 2022 and beyond, including:

    -- Third-Party Attacks: Several high-profile third-party incidents have

       impacted the security and availability of products and services used

       by many financial firms, resulting in significant resources expended.

    -- Zero-Day Vulnerability Exploits: In addition to rapid digitization,

       zero-day exploits are growing due to the diversification of the kill

       chain. Criminals increasingly specialize in different stages of

       cybercrime, making it easy to simply buy (or sell) access to

       vulnerabilities without needing to know how to find them.

    -- Ransomware: Ransomware groups operating in safe-haven countries often

       shut down temporarily to avoid international law enforcement, only to

       open months later under new names with few repercussions.

Member financial firms reported high levels of phishing and business email

compromise, which is the entry point for most attacks, as well as the

persistence of notorious malware strains often used to drop ransomware.

"The macro-level cyber landscape translates into increased cyber threat

activity on a daily basis, as cybercriminals are endlessly inventive in how

they gain access and leverage to extort victims," said Teresa Walsh, Global

Head of Intelligence at FS-ISAC. "Phishing schemes continue to be one of the

most popular tactics threat actors use to access networks. In fact, twenty-four

percent of FS-ISAC member-reported incidents are phishing campaigns targeting

employees."

Methodology

The Navigating Cyber 2022 report is sourced from FS-ISAC's thousands of member

financial firms in more than 65 countries and further augmented by analysis by

the Global Intelligence Office. Multiple streams of intelligence were leveraged

for the curation of the round-up, which examined data from January 2021 to

January 2022. The publicly accessible version of the report can be found here (

https://c212.net/c/link/?t=0&l=en&o=3467853-1&h=386498209&u=https%3A%2F%2Fwww.fsisac.com%2Fnavigatingcyber2022-report%3Futm_campaign%3D2022-GIOReport%26utm_source%3Dmedia%26utm_medium%3DPressRelease&a=here

). The full report is only available to member financial institutions.

About FS-ISAC

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the

only global cyber intelligence sharing community solely focused on financial

services. Serving financial institutions and in turn their customers, the

organization leverages its intelligence platform, resiliency resources, and a

trusted peer-to-peer network of experts to anticipate, mitigate, and respond to

cyber threats. Members represent over $35 trillion in assets under management

in more than 65 countries. To learn more, visit: fsisac.com (

https://c212.net/c/link/?t=0&l=en&o=3467853-1&h=3897655722&u=https%3A%2F%2Fwww.fsisac.com%2F&a=fsisac.com

).

Contacts for Media:  

media@fsisac.com

SOURCE: FS-ISAC