SIX Cyber Security Report 2020 – Threats Observed within the (Swiss) Financial Sector

Comparing the cyber-attacks experienced by the Swiss and other national financial sectors over the current year, they remain to be subject to frequent attacks. Overall, the number of observed attacks has remained at the same level as the year before for each country analyzed. A significant exception to this is a clear rise of cyber-attacks around March, which is related to the COVID-19 pandemic outbreak.

Focusing on the Swiss financial sector, the report investigated the structure of security incidents as observed by contributing organizations, with a special attention to the impact of the COVID-19 pandemic:

Phishing followed by ransomware are the highest perceived threats by the institutions. This correlates with e-mail being the top attack vector on financial organizations. A clear spike of attack activity correlated with the COVID-19 pandemic was observed. Within weeks, organizations shifted to remote working and customers relied more than ever on online banking applications, enlarging attack surfaces and creating new targets for malicious cyber actors. The results show the willingness and capability of cyber actors to quickly adapt their methods to leverage any situation.

Furthermore, the report focused on the structure of Chief Information Security Officer (CISO) operations within the sector, which gives insight into the available resources and their use within organizations. This shows a correlation between reported visibility and number of observed incidents within an organization, where higher visibility increases the number of incidents.

Last but not least the report analysed the following countries in order to identify key similarities and differences between the cyber threat landscape pertaining to the Swiss and the other sample countries’ financial sectors: Germany, France, Spain, the Netherlands, the UK, the US, and Singapore.

In conclusion the key similarity identified is that Ransomware, phishing, and to some extent supply chain attacks, remain the largest cyber security threats to financial organizations, regardless of their size or location. Secondly, an increase in observed cyberattacks occurred during the onset of the COVID-19 pandemic in March, independent of location. These similarities highlight the need for a more global information sharing infrastructure.

Given that most financial institutions are targeted by similar attack methods, financial institutions could benefit greatly from being able to access near real-time information on campaigns targeting other financial organizations. This would enable organizations to put in place specific mitigation measures, as the likelihood of them being targeted by the same or similar campaigns is high.

Download SIX Cyber Security Report 2020 here.