Here’s the article in markdown format:

Cybersecurity Threats in Sweden’s Financial Sector: A Growing Concern

Background

The Swedish Bankers’ Association has identified a need for improved contingency work in the sector. To address this, authorities and companies must develop a clear common vision for contingency work.

Threat Assessment

Recent ransomware attacks against Swedish businesses have highlighted the growing threat to the sector:

• Increase in ransomware attacks: The Church of Sweden, TietoEvry, and municipalities have all been targeted by ransomware attacks.
• Concentration risks: Swedish banks that have outsourced IT operations should be aware of concentration risks. Notable examples include:
  • Ransomware attack on ICBC’s US branch affecting USD 9 billion in unsettled deals.
  • Attacks on ION (derivatives trading) and Equilend (securities trading).
  • Vulnerabilities discovered in the MOVEit application.

Key Points

The threat landscape is driven by criminal groups and state-sponsored actors, particularly due to Russia’s war against Ukraine:

• Ransomware as a service: Attackers are using “ransomware as a service” to make attacks more accessible and lucrative.
• Data theft and blackmail: Ransomware attackers are increasingly stealing data to blackmail victims, making it difficult to distinguish between legitimate businesses and malicious actors.
• State-sponsored activity: It is possible that criminal groups may act on behalf of states, adding complexity to the threat landscape.