“Spike in destructive attacks, ransomware boosts banks’ cybersecurity spending in 2022”
As of 2022, it was reported through this article (through references to various reports, including those published by VMware and IBM) that when compared to 2021, financial institutions planned to greatly increase their security budgets. This was decided in order to protect the institutions from ransomware and destructive cyber-attacks. It was reported that a large majority of financial institutions expected to increase their budgets by 20%-30% in 2022, even though these companies are already the second-highest “spenders” in security among all industries. A quick reference to IBM’s “Cost of a Data Breach” report of 2022 informs readers that the financial industry spends an average of “$5.72 billion per data breach”, even though most institutions were only spending approximately 12% of less of their budgets on cyber-security. However, nearly doubling security budgets in 2022 is deemed necessary as a result of over a 50% increase in cyber-attack attempts, since 2021, towards financial corporations.
The spike in destructive attacks affected more than 60% of the finance industry, with attacks targeted to “destroy data and dismantle subnets” through “encrypting files, deleting data, destroying hard drives” and various other methods of execution. Ransomware attacks, on the other hand, utilize RATs (remote access trojans) to gain control of institutions’ systems, “compromi[sing] a network, encrypt[ing] sensitive files”, and then requesting crypto-currency from victims in exchange for a decryption key. This method appears to be highly successful when used against financial institutions, as 63% of victims of these attacks were noted to have paid the requested ransoms. Chainalysis, the “cryptocurrency investigation and compliance solutions provider”, reported that in the previous year over $600 million were related to ransomware payments, though it is believed that in reality the total was most likely much higher. With new cyber-attacks being estimated to occur every 10 seconds, it seems as though one of the best decisions for financial institutions to make is to increase their security budgets, which seems to already be occurring.
