If it seems like financial services face more cloud-based cyberattacks daily, that’s because they’re using and pushing applications to the cloud more often, according to CrowdStrike’s field CTO for the Americas.
Cristian Rodriguez says these cyberattacks tend to start with stolen credentials or identities, allowing adversaries to simply log in and leading to some major data exfiltration events, the deployment of malware or ransomware, and even the use of cloud infrastructure for command and control communications.
Sometimes the crime, nation-state or hacktivist groups committing these attacks acquire the credentials used to access the cloud from access brokers, resulting in a 26% increase in finance sector intrusions in 2024, according to the CrowdStrike 2025 Threat Hunting Report. Nation-state activity in the finance sector increased about 80%, Rodriguez says, with their…
