Latest news with #FSISAC
Independent Singapore
2 days ago
- Business
- Independent Singapore
APAC financial sector top target for volumetric DDoS attacks in 2024, report finds
SINGAPORE: Asia Pacific's financial sector has been the top target for volumetric Distributed Denial-of-Service (DDoS) attacks, which overwhelm servers or networks with sheer traffic to slow or make them fail, accounting for 38% of all volumetric DDoS attacks in 2024, up from just 11% the year before, according to a joint report by FS-ISAC and Akamai Technologies. The report, From Nuisance to Strategic Threat: DDoS Attacks Against the Financial Sector , also found that more than 20 financial institutions in six countries in the region were hit in 2024, likely by the same threat actor or hacker group. Notably, the financial sector is being hit harder than other sectors. DDoS attacks on financial firms spiked in October 2024, and the sector has remained the leading target for volumetric DDoS attacks year-over-year. The report also noted the increasing frequency of attacks, as cybercriminals exploit higher bandwidths and stronger computing power to launch adaptable, more powerful, and cheaper DDoS attacks. In addition, the rise of 'DDoS-for-Hire services' targeting the financial sector has made it difficult to identify cybercriminals. Attacks on financial firms' application layer, including Application Programming Interfaces (APIs) and customer-facing websites, rose 23% between 2023 and 2024. Meanwhile, ongoing geopolitical tensions have fueled a surge in 'hacktivism'. Teresa Walsh, chief intelligence officer and managing director for EMEA at FS-ISAC, said, 'DDoS attacks are becoming increasingly sophisticated, evolving from simple network flooding to targeted, multi-dimensional assaults that exploit intricate vulnerabilities across the entire supply chain.' Steve Winterfeld, Advisory CISO of Akamai, said, 'Threat actors will continue to leverage DDoS attacks to exploit the security of our institutions,' explaining that the attacks are meant to exhaust an institution's network infrastructure and, in turn, drain its resources used to defend against attackers. Mr Winterfeld added, 'Implementation of mitigation strategies, robust cyber hygiene fundamentals, and industry best practices can help the sector defend against the evolving risk.' /TISG Read also: Fraud and scams driven by generative AI are now among the biggest cyber threats in the financial sector Featured image by Depositphotos (for illustration purposes only)
Finextra
02-06-2025
- Business
- Finextra
DTCC appoints Laura Deaner as chief information security officer
The Depository Trust & Clearing Corporation (DTCC), the premier post-trade market infrastructure for the global financial services industry, today announced the appointment of Laura Deaner as Chief Information Security Officer (CISO), reporting to Lynn Bishop, Chief Information Officer. 6 Deaner will be responsible for managing DTCC's enterprise-wide cyber strategies to protect the firm's information and systems as well as designing and enhancing the organization's information and cybersecurity programs and roadmaps to support DTCC business and resiliency efforts. In addition, she will continue to ensure that cyber resilience is incorporated into strategic firm initiatives, including product and technology deployments, AI-fueled innovation and cloud adoption. Deaner brings more than 25 years of leadership and expertise in information security management to DTCC, including serving the last 12 years as CISO at Northwestern Mutual, S&P Global and, before that, PR Newswire. In each of these endeavors, Deaner led major cybersecurity transformation initiatives, bringing innovative approaches, new security practices and novel security architecture and governing practices, which produced measurable increases in program maturity. Prior to that, Deaner served in roles of increasing responsibility at Morgan Stanley, JP Morgan Chase and Citigroup. Deaner has served as a Board Member with the Financial Services Information Sharing Analysis Center (FS-ISAC) since 2022 and is a NYU Tandon Cyber Fellows Advisory Council member. 'As we continue to strengthen our technology infrastructure to protect against cyber-threats, Laura's expertise and leadership will enable us to drive a more holistic program to further upgrade our defense capabilities,' said Bishop. 'Her deep experience as a CISO will be critical as we continue to implement innovative strategies and leverage new technologies to enhance our security operations and safeguard the global markets and our clients.' Deaner said, 'DTCC plays a vital role in safeguarding the global financial system, and I'm proud to contribute to that mission by advancing a resilient, adaptive and risk-aligned cybersecurity posture. This work is deeply collaborative, and I'm looking forward to partnering closely across teams to protect what matters most: trust, stability and market integrity.'
Independent Singapore
21-05-2025
- Business
- Independent Singapore
Fraud and scams driven by generative AI are now among the biggest cyber threats in the financial sector
SINGAPORE: Fraud and scams driven by generative artificial intelligence (AI) are among the biggest cyber threats facing today's financial sector. While Singapore businesses saw the lowest number of ransomware attacks in Southeast Asia last year, the city-state became the main source of cyberattacks in the region, with 21.9 million attacks coming from compromised servers in the country in 2024. According to the not-for-profit organisation FS-ISAC's latest Navigating Cyber 2025 report, released on Tuesday (May 20), these cyber threats create more chances for attackers to exploit geopolitical and economic conflicts, along with the growing sophistication of long-established attacks like distributed denial of service (DDoS) and ransomware. Steve Silberstein, CEO of FS-ISAC, said, 'The global financial sector's interconnectedness with the supply chain and its ongoing incorporation of emerging technologies add to the challenges. Cross-border collaboration and proactive intelligence sharing are essential to safeguarding the global financial system.' To stay ahead of nimble cybercriminals, financial firms are expected to: Increase investment in fraud prevention The report noted that financial institutions should heighten their focus on fraud and scam prevention and detection, as cybercriminals are using real-time payments and cryptocurrencies, making it almost impossible to recover stolen money. Firms are also expected to adopt 'smart friction' strategies to slow payment authorisations and increase security measures. In addition, sharing fraud intelligence among fraud and cyber teams will be essential to effectively combat fraud. Leverage AI in cyber defence while keeping up the basics With cybercriminals using generative AI for impersonation scams like deepfakes targeting C-suite executives and fake IT workers, firms are expected to prioritise foundational cyber hygiene practices and robust employee training. Strengthen focus on third-party risk management In 2024, major third-party breaches shook the sector, with Telegram scams jumping 137.5% and over 100 public officials in Singapore falling victim to AI-powered malicious campaigns. As many financial institutions rely on the same service providers, a single breach could have a wider impact, the report said. To minimise the chances of system access in the event of third-party attacks, firms are expected to prioritise application programming interface (API) security and be more proactive in monitoring their supplier security in line with new resilience regulations. Shorten timelines for post-quantum readiness Recent advancements in quantum computing mean financial firms must start moving their most vulnerable assets to crypto-agile encryption algorithms that can quickly adapt to the quantum era. Teresa Walsh, FS-ISAC's Chief Intelligence Officer and Managing Director for EMEA, said, 'To ensure operational resilience, firms must adopt a forward-looking cyber posture that incorporates proactive threat modelling, agile defence capabilities, and cross-border collaboration.' /TISG Read also: 'Human judgment remains crucial' — Experts explain why AI still can't replace humans in today's workforce
