As the financial sector faces an increase in destructive attacks and ransomware threats, a majority of institutions plan to increase their budget this year with extended detection and response (XDR) as the top security investment priority, VMware’s recent report found.  

The vendor surveyed 130 financial sector security leaders globally for this year’s Modern Bank Heists report. It found that 63% of survey respondents saw a surge in destructive attacks, up 17% from last year’s results.

VMware researchers also pointed out that cybercriminals targeting the financial sector typically use destructive attacks as escalation to burn the evidence as part of counter incident response.

In addition, 74% of surveyed institutions were hit by at least one ransomware attack over the past year, and 63% of them paid the ransom. The majority of the victims reported that nation-state actors from Russia posed the greatest concern.

The report also showed that cybercriminal cartels no longer target wire transfers or access to capital as traditionally assumed. Instead, they are now after nonpublic market information including public offerings, earnings estimates, and significant transactions. In this year’s report, around two-thirds of respondents stated they suffered attacks that targeted market strategies.

“This threat aligns with economic espionage and can be used to digitize insider trading and front-run the market,” researchers wrote in the report.

On the defense side, even though 70% of interviewed financial institutions spend less than 12% of their overall IT budget on cybersecurity, the majority of them planned to increase their security budget by at least 20% this year. 

And surveyed CISOs ranked XDR, workload security, mobile security, threat intelligence, and managed detection and response (MDR) as their top security investment priorities. 

“Financial institutions now understand that today’s attackers are moving from heist to hijack, from dwell to destruction, and leaving their mark on an extremely vulnerable sector,” Tom Kellermann, head of cybersecurity strategy at VMware, said in a statement. “Collaboration between the cybersecurity community, government entities, and the financial sector is paramount to combat these emerging, increasing threats.”