The ongoing hacking campaign has sent shock waves across the U.S. government and the private sector. Meanwhile, as per bank executives, they are following a cyberattack uncovered across government agencies. It could be perhaps the biggest hacks in the history of the U.S.
However, no evidence found that the hack discovered in December 2020 hit Wall Street. According to cybersecurity experts, determining the extent of the infiltration may take many months. It is a sheer risk hanging over an industry that has recently spent billions to raise the cybersecurity walls.
Initially, the target was not the U.S. government but its Texas-based software supplier named SolarWinds Corp. The hackers installed malicious code into an update of the popular Orion software of SolarWinds. Essentially, several government agencies and Fortune 500 use this software in managing their information technology.
Do you want to maintain your compliance? Lifars can validate your compliance and controls to assist you in maintaining your compliance. We create a strong security foundation after evaluating your current approach.
The Real Motive of the Hack Is Unclear
All indicators so far refer to the attack as one of the biggest hacks in U.S. history. According to officials, the hack has breached nearly six U.S. government departments, including treasury, commerce, and energy. More so, it also breached the networks of national nuclear security administration, according to Politico.
So far, there is no clear picture of the real extent of the damage caused to government agencies and private companies. As yet, the motive remains a mystery. All we are witnessing is speculation ranging from the attempts of espionage to something even more damaging.
FS-ISAC Take about the Hack
According to FS-ISAC, a financial services company, the hack’s focus does not seem to cause damage to the financial sector. It is also shedding light on the attack vectors by providing strategic and tactical reports along the same lines.
Looking Back To Previous Cyberattacks against the Financial Sector
Up till now, the subject of the largest known cyberattack against a U.S. bank was JPMorgan Chase & Co. in 2014. A Russian hacker pleaded guilty to stealing clients’ data of more than 80 million from JPMorgan and other institutions last year. It looted ill-gotten gains of hundreds of millions of dollars.
Similarly, capital one financial Corp. paid $80 million in penalties in early 2020. It ended up exposing 100 million American’s personal financial information.
Budget Increase in the Financial Sector
For the last four years, the financial sector, including banks, finance companies, insurers, and brokers, have increased cybersecurity spending. According to a Deloitte & Touche LLP survey, cyber spending jumped 15% in 2020.
To prevent cybersecurity attacks, financial firms have already made giant steps. They also ensured a quick recovery even when breaches happened. For this reason, perhaps, the hackers have gone elsewhere since banks have become challenging to penetrate.
According to Accenture’s latest survey of financial firms, direct cybersecurity attacks on capital and banking markets dropped 2% in 2019. Meanwhile, we witnessed a 20% decrease in the actual breaches.
Regardless of that progress, prominent cyberattacks have significantly raised public pressure as well as responsiveness in the C-suite, with banks sloping up staff, software, and info-sharing to peers.
All in all, the prevailing ongoing hacking campaign is alarming since it is remarkably sophisticated. More so, it is reckless, and its reach is so broad. For the global economy, it put the technology supply chain at risk. The only way forward to dealing with evolving cybersecurity threats is to adopt proactive strategies and tactics.