Application Security , Cybercrime , Cybercrime as-a-service

Bank on Seeing More Targeted Attacks on Financial Services

Trellix's John Fokker on the Cyber Impact of Ransomware, APT Groups, Russia's War
John Fokker, head of cyber investigations and principal engineer, Trellix

Since at least the middle of last year, online attackers have been increasingly targeting the financial services sector.

So warns John Fokker, principal engineer and head of cyber investigations for the Advanced Threat Research group at cybersecurity firm Trellix. He says Trellix's latest threat assessment found a 22% increase in ransomware attackers and a 37% increase in APT detections in Q3 of last year, compared to the prior quarter.

Fokker also says more victims have been coming to light, thanks in part to a Ukrainian security researcher leaking Jabber chat logs of the approximately 100 employees of the Conti ransomware operation. Those logs have better revealed not just how the group functions but also the identity of organizations that quietly paid a ransom after being crypto-locked by Conti, perhaps in part to try and avoid the public ever learning of the security incident.

Fokker says: "You can put your cyber skeletons in the closet but, just like in normal life, they tend to come out."

In this video interview with Information Security Media Group, Fokker discusses:

  • How targeted attacks on financial services have recently increased - via ransomware, other malware, APT groups - and the risks that poses;
  • The cybersecurity impact of both Russia's invasion of Ukraine and the potential fallout from sanctions being imposed on the country;
  • How the financial services sector must respond.

Fokker is the principal engineer and head of cyber investigations for Advanced Threat Research at Trellix. He was previously the project leader for the cybercrime threat intelligence team for the Dutch Police.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.