Diadon Enterprises © 2018

Bank failures could lead to heightened cyber threats | Dump Trucks Charlotte NC

An article fromsite logo
Published March 15, 2023
Matt Kapko's headshot
Reporter
Login information attached to large hook hanging in front of computer keyboard.
Philip Steury via Getty Images

First published on

Cybersecurity Dive

The collapse of Silicon Valley Bank and Signature Bank, combined with spreading worries of a calamitous fallout, could create new hooks for a spree of news-driven social engineering attacks.

Researchers at Proofpoint observed a phishing campaign designed to exploit the banking crisis with messages impersonating several cryptocurrencies. Threat hunters and cybersecurity professionals across multiple firms warned organizations to be on the lookout for malicious activity.

Threat actors don’t just follow the news — they react to it and identify new ways to target potential victims during moments of heightened sensitivity. Phishing and business email compromise attacks are often tailored to take advantage of the fear and uncertainty surrounding major events.

“CISA is closely monitoring the situation,” a spokesperson for the Cybersecurity and Infrastructure Security Agency said. “Currently, we are not tracking any cyberattacks or incidents associated with Silicon Valley Bank.”

Cybersecurity professionals, as is their wont, are operating under the assumption that threat actors will turn this banking crisis into fuel for cyberattacks.

“Ultimately, because these crises can help to create a sense of urgency, this moment in time can be an effective tool for threat actors,” Arctic Wolf CISO Adam Marrè said via email.

Arctic Wolf hasn’t observed a notable volume of threats, but it has seen an uptick in newly registered domains related to SVB since federal regulators took over the bank’s deposits on Friday. The cybersecurity firm expects some of those domains to serve as a hub for phishing attacks.

Professionals should scrutinize for spoofed email addresses and fake emails designed to facilitate an urgent response and be extra cautious across all exchanges, Marrè said.

Organizations should be especially vigilant with financial transactions and take additional precautions to avoid fraud via phishing or business email compromise.

Phishing was the top cybercrime type reported to the FBI’s Internet Crime Complaint Center in 2022, according to an annual report published Friday. Phishing accounted for nearly 2 in 5 cybercrime incidents reported to the FBI last year, for a total of 300,000 reported crimes.

Phishing lures target vulnerable employees

Finance employees, which often have access to an organization’s banking information for billing and payments, are an optimal target for threat actors conducting phishing or business email compromise attacks.

“Gaining access to a finance department laptop could provide a windfall for cybercriminal," Eyal Gruner, co-founder and CEO at Cynet, said via email. "With all the chaos and fear as a result of the SVB collapse, these employees are particularly vulnerable right now.”

“If the victim is a client of SVB and has funds tied up there, then they get additional accounts robbed, things can go from very bad to horrific very quickly,” Gruner said.

The opportunity for fraud is massive and not just limited to direct customers of SVB but rather anyone doing business with those organizations, according to Expel CISO Greg Notch

“There will be lots of changes to payment information between businesses, creating counterparty risk,” Notch said via email. 

Some altered transactions may go unnoticed as scrambling activity between counterparties increases over the coming weeks, Notch added.

The failure of two banks in as many days and a widespread concern that this banking crisis could spread is just the latest event of global consequence for threat actors to glom onto.

“Attackers are always looking for an angle. Leveraging a chaotic situation where people are confused, looking for information and not sure where to turn, they’re more apt to open random emails that may help them,” Gruner said. For adversaries, “the more people are confused, scared and looking for answers the better.”

Construction Dive news delivered to your inbox

Get the free daily newsletter read by industry experts

Daily Dive newsletter example

Editors' picks

  • Freight rail cars loaded with lumber sit on tracks at the Port of Los Angeles
    Image attribution tooltip
    Mario Tama via Getty Images

    Buy America provisions can improve construction lead times — for a price

    About one-third of materials used in U.S. projects are made overseas. A make-it-here push would further raise already high costs.

    By Sebastian Obando • Feb. 28, 2023
  • A person wearing a hard hat points into the distant. They are surrounded by a collage of buildings, a welder, and a corporate office.
    Image attribution tooltip

    Photo illustration: Jenni Sohn for Industry Dive

    Tracker //Women in Construction Week 2023

    Construction Champions 2023

    Out of more than 400 submissions, these 31 women stand as examples of how intuition, dedication and intelligence are shaping the industry.

    March 6, 2023

Keep up with the story. Subscribe to the Construction Dive free daily newsletter

Keep up with the story. Subscribe to the Construction Dive free daily newsletter