More than 100 financial services firms were targets of a wave of distributed denial of service (DDoS) extortion attacks conducted by the same threat actor, according to a new report from the Financial Services Information Sharing and Analysis Center (FS-ISAC).
Targeting a wide range of financial services companies all around the world – including banks, fintechs, exchanges, card issuers, payments companies, insurance companies, credit bureaus, asset managers, money transfer companies and payroll companies – the criminals sent extortion notes threatening to disrupt the firms’ websites and digital services. While the spate of attacks has since slowed, FS-ISAC warns that the recent boom in cryptocurrencies (which cyber criminals use to demand payment) could incentivize another wave, and stresses that the key to minimizing damage is collaboration and sharing of information.
“Today’s cyber criminals know no borders,” says Teresa Walsh, global head of intelligence at FS-ISAC. “This wave of attacks has shown how critical global cyber intelligence sharing is.”