VMware study points to 238% increase in cyber attacks on financial institutions amid COVID-19

Third edition of the annual report "Modern Bank Heists" reports growth of ransomware, fraud in wire transfers and island hopping to companies in the sector

VMware, Inc. (NYSE: VMW), launched the third edition of the annual report "Modern Bank Heists", produced by VMware Carbon Black. The study combines the analysis of company data on threats to the results of the annual survey, which includes the participation of the top 25 CISOs, leaders in information security, from financial institutions.

"Financial institutions have been the target of cybercrime groups for a long time," points out Tom Kellermann, strategy leader for VMware's Security business unit. "Over the years, bank robberies have changed and are now taking virtual hostages, while cybercrime groups and nation states are trying to control digital transformation efforts. Now, as we address the impact of COVID-19 on a global scale, it's clear that financial institutions are in the target of invaders ".

Threat data analysis

• From the beginning of February to the end of April 2020, attacks on the financial sector grew by 238%, according to threat data from VMware Carbon Black.

• Ransomware attacks against the financial sector increased ninefold in the same period, according to data from the study.

• 27% of all cyber attacks in 2020, so far, have been targeted at the health or financial sectors.

Main search results

• 80% of the financial institutions surveyed reported an increase in cyber attacks in the last 12 months - a 13% increase compared to 2019.

• 82% said that cybercriminals have become more sophisticated in the past 12 months.

• 64% of participants reported a 17% increase in the number of fraudulent wire transfer attempts in the last 12 months, compared to 2019.

• 33% from financial institutions said they had encountered at least one attack using "island hopping" (in which supply chains and partners are required to target the main financial institution) in the past 12 months.

The full report, available for download here , analyzes some of the main types of attacks that financial institutions are encountering; how modern cybercriminals are evolving; what tactics, techniques and procedures (TTPs) are emerging; and how security professionals can keep pace.