Large cybercrime groups that have previously produced cyberatags for Russian banks are gradually refusing to this practice, preferring financial and credit institutions of other countries. This was told by Ilya Sachkov, General Director of Group IB.
"The overall level of cybersecurity of the domestic banking sector has increased significantly in recent years, which is largely due to rational and effective actions in this direction, which are now being implemented by the Central Bank of the Russian Federation. Yes, and Russian banks themselves realized what risks in themselves are the target hacker attacks.
At the same time, due to the complexity, hold attacks on banks, many attackers switched to end users - ordinary Russians. Such attacks infrequently lead to the consequences for banks, because far from each organization will reimburse the client inflicted by fraudulent damage. But the systematics of such attacks, their large quantities are the reason that the outflow of customers begins, there is a decrease in confidence in Internet services that are offered by the Bank, "said Ilya Skachkov.
The head of GROUP-IB noted that about 4-5 years ago his company watched a constant increase in damage to credit organizations from targeted attacks. In 2016, this figure amounted to 300%, but in a year it fell to 33%. After 2017, cybercrime groups that were constantly attacked Russian banks, began to switch to other world regions: North and Latin America, Asia, Middle East.
"We have confirmed data for the full 2019 year, according to which the losses of Russian financial and credit institutions from targeted cyber attacks decreased, if compared from 2018, by 93%. They amounted to a total of about 95 million rubles. All 2020, we observed the continued drop in the amount of damage, which was applied by targeted cyberatics in the banking segment. Group IB noted that the main cybercrime groups, previously conducted attacks on banks, in 16-18, simply went further - most of them changed a slightly strategy and now uses extortionable programs, encrypters, "commented Ilya Rockkov.
The specialist also noted that extortioner program operators are looking for partnerships with sellers of access to compromised networks of organizations. Such a union has already caused the fact that by the end of 2020 there are about 1 billion dollars of general damage, which was caused by the activities of extortionable malware.