Predictions for 2018: Cyberthreats in the financial sector

Kaspersky Lab looks ahead to the main threats likely to affect the financial industry in 2018.

Kaspersky Lab always keeps a very close eye on the changing cyberthreat landscape. Knowledge of past and present makes the future more predictable and allows us to make annual forecasts for various verticals. Today we want to talk about the financial sector.

Businesses and individuals alike make use of financial services. And wherever there’s money, there will always be criminals both common and cyber. Our experts reckon that in 2018, the financial services market should brace itself for a new round of cyberthreat development. Here are some of our predictions:

Cryptocurrency — in vogue in the cybercriminal world

Cryptoindustry is witnessing such an extraordinary boom that many financial institutions are set to introduce cryptocurrency support for their services. On the downside, cybercriminals smell an opportunity. Therefore, the industry will have to learn to ward off attacks on cryptocurrency wallets and marketplaces.

Speed increases danger

Payments processed by financial services are constantly growing in terms of speed and volume, as is the load on information systems, including security solutions. At the same time, consumers have already grown used to payments being near instantaneous, and they are not prepared to tolerate delays. Amidst all the haste, fraudulent transactions often slip in under the radar. Therefore, to speed up the verification of payments with no impairment of service, companies will have to use solutions based on neural networks and machine learning.

If the door is locked, try the window

Financial institutions are making strides toward better transaction protection: Support for smart cards at points of purchase, biometric authentication, and tokenization of payments have made life harder for cybercriminals. To keep their fingers in other people’s pies, intruders will turn more and more to hijacking legitimate accounts. And that means financial institutions will have to find more reliable ways to verify the identities of their clients.

Fraud as a service

Lots of businesses engage the services of third-party organizations for apps, databases, cloud computing, and much more. Seeing the benefits of software as a service, cybercriminals have rolled out similar models: Ransomware Trojans can be franchised or leased, for example, and DDoS attacks are available for order. Anyone with the cash and the desire can hire an army of bots, set up phishing websites, and lots more. Almost everything underpinning the financial cybercrime industry can be bought. The Fraud-as-a-Service model will open the door to the world of cybercrime to newbies who lack once-mandatory skills and experience — which means that companies and organizations need to prepare themselves for a hike in the number of attacks.

That was just a taste of our predictions for the financial industry. To learn more or read our forecasts for other sectors, check out this post on Securelist. In addition, we plan to hold a webinar with an in-depth review of our industry and technology threat predictions for 2018 on November 22, 14.00 GMT. You can register here. Stay alert, and don’t let criminals find any soft spots in your defense!

Tips