Financial Crime World

Here is the rewritten article in markdown format:

The State of Cybersecurity in the Swiss Financial Sector

The Swiss financial sector is a prime target for cyber threats. According to a recent report, three groups of threat actors are responsible for most of the attacks: financially motivated hackers, politically motivated cybercriminals, and political activists (hacktivists).

Threat Actors

Financially Motivated Hackers

These actors are industrial or nation-state spies who target state institutions and strategically important industries. They use complex attack methods such as malware, C&C servers, and supply chain attacks.

Politically Motivated Cybercriminals

This group is characterized by their strong ideological, political, or social motives. They choose targets based on their views, ideology, or business model and tend to act opportunistically depending on the situation.

Political Activists (Hacktivists)

These individuals or decentralized groups want to disseminate their message to the public by blocking access to important websites like news websites.

Ransomware

Ransomware is mainly used by financially motivated hackers to attack important systems or data and deny the owner access to said systems or data. They demand a significant ransom in exchange for regaining access, often using a double-extortion strategy where they threaten to publish confidential data if the company refuses to pay.

Attack Methods

The three groups of threat actors use various attack methods, including:

  • Ransomware (Trojans): A type of malware that encrypts files and demands a ransom in exchange for decryption.
  • Malware: Malicious software that can be used to intercept user data or gain unauthorized access to systems.

Security-Conscious Card Issuers

Swiss card issuers prioritize organizational and technical measures for cybersecurity. Most of them evaluate their controls and security protocols annually with their own resources, while a few outsource this to external service providers. They also carry out security exercises annually and monitor the cybersecurity risks of their suppliers through manual evaluations.

Phishing

Phishing is seen as a common attack method, with employee training courses focused on phishing held quarterly, particularly for employees with customer contact. This is because phising can be used to steal user data via fake websites, emails, or text messages.