FS-ISAC Report Finds Cybercriminals and Nation-State Actors Are Converging, Increasing Cross-Border and Supply Chain Attacks


FS-ISAC has announced the findings of its Global Intelligence Office’s latest report, Navigating Cyber 2021, which found that wittingly or otherwise, nation-states and cybercriminals are leveraging each other’s tools and tactics, leading to an increase in well-funded, cross-border attacks targeting financial institutions and their third-party suppliers across the globe.

The global pandemic has accelerated digital transformation, connectivity, and the interdependence of the sector, as demonstrated by recent supply chain attacks. Now more than ever, the financial services industry needs a trusted conduit of real-time cyber threat information between institutions and third parties.

“FS-ISAC was the logical host for us to brief the financial services sector to reach a critical mass of institutions around the world all at once,” said Jonathan Yaron, CEO of Accellion. “This way, we could ensure that the industry received critical and correct information via a trusted source, enabling it to act quickly to mitigate the impact of the incident.”

“Organizations properly practicing defense-in-depth with multi-layered controls are still vulnerable to large-scale and even systemic issues through third party suppliers,” said J.R. Manes, Global Head of Cyber Intelligence at HSBC. “The FS-ISAC community provides its members the visibility into emerging threats that could impact customers and business, even when they are not directly exposed. Ensuring and encouraging the sharing of cyber threat intelligence is a vital part of the defense of not only the financial sector, but the whole business ecosystem that runs on top of the Internet.”

In the report, FS-ISAC’s Global Intelligence Office outlines top threats to the industry in 2021 and beyond, including:

  • Convergence of nation-states and cybercriminals: Amid shifting geopolitical tensions, nation-state actors are working in tandem with cybercriminals, either knowingly or unknowingly, to leverage their skills and tools to enhance their own capabilities. For example, ransomware operators may continue partnering with other threat actors to have multi-faceted impact from a single attack, such as using access for cyber espionage purposes.
  • Third-party risk will continue to dominate the discussion: Third-party vendors and suppliers performing critical services for financial services firms will continue to be lucrative targets for threat actors. In the last two quarters, three highly visible incidents have shown the need for a central hub for reliable and relevant information for fincyber professionals.
  • Cross-border attacks will increase: As we saw with a DDoS extortion campaign that hit more than 100 financial institutions around the world over a few months, cyber criminals test their attack in one country and then use the same infrastructure to hit multiple continents and sub-verticals, increasing their return on investment.

“Trying to outpace evolving cyber threats and well-funded criminals diverts resources from the relentless focus on serving customers needed to stay ahead in this fiercely competitive landscape,” said Steve Silberstein, CEO of FS-ISAC. “As the global fincyber utility, FS-ISAC enables industry-wide cross-border sharing to pool resources, expertise, and capabilities to better manage cyber risks and incident response.”

If your financial institution is not yet a member of FS-ISAC, apply to become a member here.