Financial Services Cyber Threat Landscape Analysis

This white paper presents an analysis of cyber threats targeting the financial services sector, particularly focusing on ransomware and advanced persistent threat (APT) groups. It outlines the motivations behind these attacks, including the potential financial gain and the sensitive information held by these organizations. The document details various APT groups, such as Granite Typhoon, Blind Eagle, and APT38, describing their tactics, techniques, and historical activities against financial institutions. The paper highlights the evolving nature of ransomware tactics, including the emergence of Ransomware-as-a-Service (RaaS) models, exemplified by the LockBit group. Additionally, it discusses the implications of these threats on the economic stability of countries and the importance of cybersecurity measures in mitigating risks. The Threat Actor Metric™ developed by Optiv’s Global Threat Intelligence Center is also introduced as a tool for assessing the risk posed by these adversaries. Overall, the document serves as a comprehensive resource for understanding the current threat landscape in the financial services industry.