TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

Cyberattacks at Banks and Financial Services Organizations, and a Look at Open Banking

2021-06-02 · Read original ↗

ATT&CK techniques detected

5 predictions
T1499Endpoint Denial of Service
55%
"smooth the flow of commerce. the security incident data shows that the proportion of denial - of - service ( dos ) incidents at payment processors is 56 %, which is much higher than the average of all financial organizations at 36 %. conversely, their proportion of password login…"
T1498Network Denial of Service
45%
"smooth the flow of commerce. the security incident data shows that the proportion of denial - of - service ( dos ) incidents at payment processors is 56 %, which is much higher than the average of all financial organizations at 36 %. conversely, their proportion of password login…"
T1498Network Denial of Service
43%
"( 20 % ) were the second most identified type, where the attacker hits the dns service with illegitimate requests, clogging up the system for authorized users ( see our deeper analysis of dns attacks ). web application, or layer7, attacks on the payment processor ' s web applicat…"
T1499Endpoint Denial of Service
32%
"( 20 % ) were the second most identified type, where the attacker hits the dns service with illegitimate requests, clogging up the system for authorized users ( see our deeper analysis of dns attacks ). web application, or layer7, attacks on the payment processor ' s web applicat…"
T1498.001Direct Network Flood
30%
"( 20 % ) were the second most identified type, where the attacker hits the dns service with illegitimate requests, clogging up the system for authorized users ( see our deeper analysis of dns attacks ). web application, or layer7, attacks on the payment processor ' s web applicat…"

Summary

A review of 2018-2020 cyberattacks at brokerages, investment funds, payment processors, and financial services organizations as well as API security incidents and open banking.