US Banks Hit By Russian Cyber Attacks

The Russia-Ukraine war is being bitterly fought, both on the ground and online, with politicians and cyber security experts alike warning of potential attacks against the US financial industry in general as well as banking.  Now, as predicted at the outset of the attempted invasion of Ukraine, US banks are currently under advanced and sustained cyber attack from Russian connected hackers.

This comes after the western allies have implemented unprecedented, crushing sanctions against Russia since it invaded Ukraine. The impact on the Russian economy has been severe, and many experts believe the Kremlin has vigorously retaliated with cyber attacks.

The large US banks JP Morgan, Citigroup, Bank of America, Goldman Sachs, are often attacked by cyber criminals looking to disrupt operations and steal client information. The usual suspects are most often located in Iran, China and now more often Russia.

Cyber security experts are saying that  financial institutions face particular risks in a less well understood area of their business - the now ubiquitous artificial-intelligence (AI) technologies that handle everything from lending to automated trading are also at risk from attacks.

Attacks by Russia and its operatives are likely to intensify as sanctions and the associated economic toll increase,” said Dan Katz, cyber security and data privacy director at Mazars, a leading financial services consultancy. "Russian attacks on a wide variety of organisations continue to strongly target financial services organisations,” he commented.  This is not only due to the major role of the financial and payments industries play in the global critical infrastructure, and potential data and monetary profits to be had, but also because many US banks still rely on fairly complex or siloed core systems, which are often much trickier to protect.

The US Cybersecurity & Infrastructure Security Agency (CISA) says that their intelligence suggests that the Russian government is continuing to explore cyber attack opportunities 

“Evolving intelligence indicates that the Russian Government is exploring options for potential (new) cyber attacks. Every organisation, large and small, must be prepared to respond to disruptive cyber incidents... As the nation’s cyber defense agency, CISA stands ready to help organisations prepare for, respond to, and mitigate the impact of cyber attacks,”  CISA warned in a recent update.  

Experts are also saying that consumers should also be more concerned about small scale attacks, especially in relation to protecting their personal data. 

Knowing how cyber attacks work, and what you can do to prevent your data from being compromised, is key to preventing your personal information from being breached. But, it’s important to note that there is no perfect way to fully protect yourself from data breaches and continuous checking and staff training is required.

CISA:     Reuters:     WSJ:     SC Magazine:     SC Magazine:     Forbes:    American Banker:    NYPost:  

You Might Also Read: 

Cyber Attacks On Ukraine Step Up The Pressure:

 

« Fraud Online & On The Telephone
Can A Cybercrime Convention For All Be Achieved? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Omerta

Omerta

Omerta is a global security technology and services company. We advise, consult, design, build, mitigate, protect, manage, provide and train to protect from increasing cyber threats.

Security Weekly

Security Weekly

Security Weekly provides free content within the subject areas of IT security news, vulnerabilities, hacking, and research.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

National Cyber Security Centre (NCSC) - United Kingdom

National Cyber Security Centre (NCSC) - United Kingdom

The NCSC acts as a bridge between industry and government, providing a unified source of advice, guidance and support on cyber security, including the management of cyber security incidents.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

MBL Technologies

MBL Technologies

MBL Technologies specializes in information assurance, enterprise security, privacy, and program/project management.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

LightEdge Solutions

LightEdge Solutions

LightEdge’s highly-trained compliance and security experts take the guesswork out of keeping your business protected.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Carve Systems

Carve Systems

Carve Systems was founded to bring enterprise level information security, training, and risk management services to organizations of any size and industry.

boxxe

boxxe

boxxe create flexible IT infrastructures, collaborative global workspaces and data clarity, all underpinned by world-leading security.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CyberAcuView

CyberAcuView

CyberAcuView is a company dedicated to enhancing cyber risk mitigation efforts across the insurance industry.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.

Truly Secure

Truly Secure

Truly Secure is an IT Service Provider that ensures greater efficiency and security within a company's technological environment.