Russia’s invasion of Ukraine has increased the level of threats in the global cyber landscape, sparking a flood of ideologically driven “hacktivism” that, driven by both sides of the conflict, has substantially put at risk the financial services sector, particularly for institutions in countries that Russia considers hostile, according to a recent report

These threats can come from hacktivist groups or directly from the nation-states themselves, notes the Navigating Cyber 2023 report by the Financial Services Information Sharing and Analysis Center (FS-ISAC), a global finance industry body that shares cyber threat intelligence and analysis.

In Asia-Pacific, FS-ISAC members in the first half of the year reported rising concerns around the cyber impact of the Russia-Ukraine war and around state-sponsored attacks by China and North Korea.

In the second half of 2022, members reported an increase in cyber incidents involving impersonation of specific individuals. Asia-Pacific members, according to a mid-December survey, consider ransomware to be a major threat, along with reports of rising cyber insurance premiums and exemptions for ransomware.

The Asia-Pacific region, home to a significant number of small and medium-sized enterprises (SMEs) with limited resources and insufficient cybersecurity measures, has been particularly vulnerable to these attacks.

Some of the more traditionally common cyber threats, such as distributed denial-of-service attacks and ransomware, are becoming more sophisticated, the report also notes, and the suite of tools at a malicious actor’s disposal continues to develop.

Looking ahead into 2023, the report points out three key drivers of change in the threat landscape.

First, there is a growing market for malware-as-a-service. As threat actors become specialized in specific aspects of the kill chain and offer their services in skills and code for sale, cyberattacks become easier to orchestrate, less attributable and of lower risk. Supply-chain threats proliferate as key software, authentication, technology and cloud service providers are increasingly targeted.

Secondly, the accessibility of artificial intelligence (AI) is both helping attackers and defenders. The emergence of new AI-technology lowers the barrier for hacking, allowing threat actors to use tools like ChatGPT to design ever more convincing phishing lures. However, those same tools will be leveraged to strengthen defences as well.

Lastly, cryptocurrency offers a prime target for cybercriminals. Cryptocurrency and digital assets are becoming more integrated into global financial infrastructure, generating a complex regulatory environment for multinational firms. In addition, threat groups will continue to finance their operations using cryptocurrency, highlighting the need for better oversight and asset class protections.

In general, the threat landscape is rapidly changing, and organisations face the challenges of increasing regulation around the world, seismic shifts in the cyber insurance market, and cybersecurity talent shortages. Facing massive changes in their operational environment, the financial services sector must navigate pressures to reduce costs without compromising the ability to continuously evolve defences and enhance operational resilience.

“Unfortunately, the growing involvement of non-state actors attacking on an ideological basis and the manipulation of information by malicious actors will continue to sow uncertainty across the landscape in actual and perceived security threats,” says Steven Silberstein, CEO of FS-ISAC. “The best tool available for financial institutions to combat this is intelligence sharing, allowing collaboration across the global industry and ensuring better cyber preparedness.”