The year 2021 was eventful in terms of digital threats for organizations and individuals, and financial institutions were no exception. Throughout the past year, we have seen cybercriminals continue to actively target our users with tools and techniques that emerged due to the pandemic. Imperfections in the transition to remote/hybrid work continue to pose a huge threat to businesses. On top of that, economic issues caused by the pandemic have only aggravated the problem. Driven by poverty and unemployment, cybercriminals intensified their malicious activity against bank customers and bank infrastructure.
Well-known financial threats remain prominent. SpyEye, developed in 2009 and described as a “bank Trojan with a form grabbing capability”, surged from the eighth most common banking malware tool with a 3.4% share in 2020 to the second most common in 2021 with 12.2%. Emotet (9.3%), described by Europol as “the world’s most dangerous malware”, underwent a drop of five percentage points between 2020 and 2021.This is linked to the fact that law enforcement agencies around the world worked together to obstruct the botnet’s infrastructure at the beginning of 2021, so its activities were disrupted for at least part of that year.
While 2021 did see an increase in threats to financial institutions on a global scale, it also saw PC and mobile malware continue on the downward trend previously seen in 2020. The mass change in cybercriminals’ objectives and methods seen in 2020 continued in 2021. Cybercriminals have found ways to benefit from the changes brought by the pandemic, adapting their goals and methods to take advantage of the shifts to teleworking and online shopping. This report aims to offer thorough insights into the financial cyberthreat landscape in 2021.
The research in this report is a continuation of our previous annual financial threat reports ( financial cyberthreats
