News

Legal Brief: US Banks, Officials Plagued with Cyberattacks

By Leily Faridzadeh

Editor’s note: In the first installment of our series for 2021, the ACAMS moneylaundering.com legal team reviews the growing number of online attacks on U.S. and global financial institutions and how governments and cybersecurity professionals have responded.

U.S. banks in 2021 ranked among the top victims of increasingly sophisticated cyberattacks by criminals motivated by financial gain and hackers backed by foreign governments, and fueled the emergence of new payment systems.

Cybercriminals have developed new strategies and methods, such as sophisticated malware injection tactics, business email compromise schemes, phishing scams and brute-force attacks that not only aim to siphon funds, but also steal the personal data of customers for subsequent re-selling or furtherance of fraud schemes.

Online intrusions against U.S. financial institutions specifically have grown in sophistication and prevalence amid the novel coronavirus pandemic, which has pushed entire sectors of the U.S. workforce into the digital space and given online criminals and hackers new targets to attack.

The COVID-19 pandemic began to spread across the United States in the early months of 2020, which brought an avalanche of notices, warnings, and alerts from federal and state officials anticipating a spike in cybercrime.

Their warnings had already proven prescient by March 2020, when news hit that Zeus Sphinx, a Trojan virus first used against the financial services industry in 2015, had been discovered in the IT systems of banks in Canada, Australia and the U.S.

In April, the FBI outlined several active threats to the U.S. financial system, then joined with the Treasury Department and other U.S. agencies in June to flag new attempts by North Korean hackers to initiate fraudulent transfers from global banks four years after a similar scheme netted $81 million from the Bangladesh Bank’s account with the Federal Reserve in New York.

The FBI warned the financial services industry again in August, this time on efforts by North Korea to steal money from ATMs around the world. In a separate scheme, North Korean cyber-operatives sent COVID-19-themed phishing emails to millions of businesses in Singapore, Japan, South Korea, India, the U.K. and U.S. to steal personal and financial data.

In August, the FBI and Cybersecurity and Infrastructure Agency flagged attempts by Iran-backed hackers to infiltrate the online systems of U.S. organizations in the IT, government, and finance sectors by exploiting publicly known vulnerabilities.

More recently, and perhaps most concerningly, CISA called on federal agencies last month to “disconnect or power down” SolarWinds Orion products from their networks in response to the possible online infiltration of the U.S. Treasury and Commerce departments by hackers suspected of links to Russia.

By Dec. 15, those understood to be affected by the breach, which involved the monitoring of internal email traffic, expanded to the Department of Homeland Security, the Department of State and the National Institutes of Health.

On Jan. 5, the FBI, CISA, Office of the Director of National Intelligence and National Security Agency announced the launch of a new taskforce, the Cyber Unified Coordination Group, to coordinate the investigation into the SolarWinds hack, which is believed to have affected around 18,000 of the company’s clients in government and the private sector.

The prevalence of cyberattacks over the past year, particularly during the pandemic, has prompted calls to secure the U.S. cyber-sphere through investment, better authentication, and cyber-insurance in the event of a disruption.

All told, U.S. authorities seized website domains and disrupted hundreds of online scams last year, formed taskforces to tackle pandemic-related fraud, and indicted scores of online criminals and “cybercrime gang members.”

Federal prosecutors called for additional cyber-related funding in December, three months after FBI Director Christopher Wray called for new tactics and 10 months after Customs and Border Protection pushed for new technology to address the uptick in cyberattacks.

The broader compendium of analysis of online attacks and cybersecurity breaches by other U.S. agencies, including the Cyberspace Solarium Commission and the Government Accountability Office, underscores the need for a stronger approach, including through legislation.

Contact Leily Faridzadeh at LFaridzadeh@acams.org

Topics: Anti-money laundering, Cryptocurrencies, Info. Security/Cybercrime
Source: U.S.: Department of Treasury, U.S.: Law Enforcement, U.S.: FinCEN, U.S.: GAO
Document Date: January 15, 2021