The latest attack against financial institutions in the Philippines underscores the fact that banks and financial entities remain of interest to cybercriminals whose main goal is to steal money.
Groups that prey on the financial sector find vulnerabilities within the IT infrastructure of their target organizations to carry out their attacks.
From our experience investigating cyber incidents, we know that there are cyber gangs that are professionals and can really resist detection.
In case of suspicion of intrusion, we recommend that organizations request for professional assistance with incident response.
In the Lazarus cases which Kaspersky investigated, it showed that even if attackers made it inside the network, it’s still not yet too late to conduct actions to prevent further financial and reputation losses.
We encourage financial companies to pay more attention to cybersecurity literacy within the organization, invest into additional protection and regular security assessment on all parts of the network, and collaborate with relevant authorities in the country like CERTs, law enforcement agencies as well as private entities in their sector and cyber security professionals for better information sharing and prevent attacks in the early stage in the future.