KnowBe4 warns a 'perfect storm' of cyber threats looms

The global financial sector is grappling with a surge in sophisticated cyberattacks that threaten the stability of banks, payment systems and customer trust, according to new research from KnowBe4. The cybersecurity firm's latest report, Financial Sector Threats Report, details how AI-enhanced phishing, credential theft and supplier vulnerabilities are converging into a systemic crisis.

"Traditional defenses are no longer sufficient and threat actors discovered stealing valid credentials is more effective than ransomware because it allows them to move undetected," said James McQuiggan, security awareness advocate at KnowBe4. "The battle comes down to the human level. Financial institutions must prioritize human risk management to close this critical security gap."

Escalating threat landscape

The study underscores the extraordinary pressure facing banks and financial service providers. Financial firms now experience up to 300 times more cyberattacks annually than companies in other sectors, with intrusion events climbing 25 percent in 2024 alone. Nearly all of the largest U.S. banks—97 percent—reported third-party breaches in the past year, while 100 percent of Europe's top financial firms experienced supplier-related breaches, researchers noted.

The nature of attacks has shifted. Once dominated by ransomware encryption schemes, cybercriminals now favor stealing valid credentials and quietly exploiting systems over time.

Dark web analysis of more than 3 million posts showed credential theft far surpasses stolen credit cards, with infostealer malware infections rising 58 percent in 2024. Attackers increasingly rely on AI-driven tools like FraudGPT, BlackmailerV3 and ElevenLabs to craft realistic phishing campaigns, deepfake videos and synthetic voices. These innovations allow criminals to "live off the land," blending in with legitimate users and making detection far harder, KnowB4 found.

Human vulnerabilities exposed

Perhaps most concerning are the vulnerabilities revealed within financial institutions themselves. Testing showed that nearly 45 percent of employees at large banks were likely to click on a malicious link or download infected files. While smaller institutions had lower susceptibility, about one in three staff members at midsize organizations still posed significant risk.

KnowBe4's data also highlight the effectiveness of targeted training. Consistent awareness programs, including simulated phishing exercises, reduced click rates to under 5 percent within a year. "Human error remains the most common entry point for attackers," the report notes, "but it is also one of the most addressable risks when organizations commit to ongoing education and culture change."

Global reach and regional risks

The United States remains the most heavily targeted financial market, accounting for 60 percent of ransomware attacks in 2024. Combined with the U.K., English-speaking countries represent more than 70 percent of attacks. Yet adversaries are increasingly turning their attention to emerging markets in South Asia and Latin America, where expanding digital banking adoption often outpaces security readiness.

A spate of high-profile breaches underscores the scale of the threat. Coinbase reported in May 2025 that nearly 70,000 accounts had been compromised, with losses estimated between $180 million and $400 million. Other recent incidents include breaches at Prudential Financial, HSBC and Barclays, as well as Mr. Cooper, the largest U.S. nonbank mortgage servicer, which exposed data from 14.7 million customers.

Systemic Implications

The stakes extend beyond individual institutions. According to the Federal Reserve Bank of New York, if a major bank were unable to make payments for just one day, nearly 40 percent of its network banks could be affected. That kind of disruption could cascade through global markets, amplifying systemic financial risk.

KnowBe4's report paints a stark picture: adversaries are not only escalating their methods but also exploiting weaknesses in supply chains, vendor ecosystems and employee awareness. "The security of the global business community rests on the stability and reliability of the international finance sector," the report states. "Protecting this foundation requires vigilance at every level—from technical defenses to human behavior."

Path Forward

Despite the grim outlook, there are proven paths to resilience. The report stresses the importance of layered defenses, stronger oversight of third-party vendors, and, most crucially, human risk management. Organizations that implement comprehensive awareness training, practice phishing simulations and cultivate a security-first culture are significantly less likely to suffer catastrophic breaches.

With cybercriminals leveraging AI and shifting tactics, the financial sector's margin for error is narrowing. As McQuiggan emphasized, success may hinge less on technology alone and more on empowering people to become the first line of defense.

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.