Destructive Attacks on Financial Institutions Surge 13%


Over half (54%) of global financial institutions experienced cyber-attacks last year in which data was destroyed by adversaries, according to a new report from Contrast Security.

The runtime security specialist claimed in its Modern Bank Heists Report 2025 that the figure represented a 12.5% increase on 2023.

However, rather than destroying data as an end in itself – such as for sabotage and service disruption – threat actors appear to be doing so in order to cover their tracks.

“It is worth noting that cybercriminals in the financial sector will typically leverage destructive attacks as an escalation to burn the evidence as part of a counter-incident response,” the report noted.

“Destructive malware variants seek to destroy, disrupt or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections or executing malicious code.”

Overall, two-thirds (64%) of respondents admitted their institution had experienced cyber incidents over the past year. Although most (94%) claimed they were able to successfully detect and respond to these attacks, the report stated that 46 “impactful” attacks per month were able to bypass web application firewalls (WAFs).

Cloud environments and APIs were cited as the two most common attack vectors, with 71% of respondents arguing that zero-day threats are their biggest concern regarding the safeguarding of apps and APIs.

Adversaries are not only destroying data to hide their tracks; they’re also looking to steal and monetize it.

Around two-thirds of respondents told Contrast Security they had observed threat actors attempting to steal non-public market information, which could be used for insider trading and “shoxing.” The latter involves shorting a stock, before doxing the stolen confidential data to regulators, the report explained.

A further 48% of respondents said they’d experienced an increase in customer account takeovers in 2024, while 43% suffered an “island hopping” attack, where threat actors use unauthorized access in a victim bank to target customers and partners.

“As tactics and motives evolve, financial institutions need to rethink how they are protecting themselves,” argued Contrast Security’s cybersecurity advisor, Tom Kellermann. “Continuous monitoring of the application layer for behavioral anomalies is imperative, and to do that, organizations must implement application defense and response (ADR) to block attacks in production and catch vulnerabilities in apps and APIs.”


