Our latest analysis for navigating risks to financial services organizations

As adversaries target the global financial services sector for assets, high-value data, and customers’ personally identifiable information (PII), defenders are facing a surge in hands-on-keyboard intrusions driven by diverse motivations. 

Key insights:

• Interactive Intrusions on the Rise: Hands-on-keyboard attacks have increased by 43% over the past two years, giving adversaries the flexibility to pursue theft, extortion, or intelligence collection after initial access.
• Ransomware Pressure Is Increasing: Big game hunting activity is rising — from April 1, 2025, to March 31, 2026, there was a 27% increase in victims named on dedicated leak sites compared to the previous reporting period, underscoring the sector’s attractiveness for high-value extortion.
• The Democratic People’s Republic of Korea (DPRK) Threat: North Korean adversaries have intensified their focus on financial technology (fintech) organizations and cryptocurrency, executing the largest financial theft in history via sophisticated supply chain compromises.
• China-Nexus Espionage Persists: China-nexus threat actors remain the primary intelligence threat, aggressively targeting PII and economic data to fuel long-term espionage campaigns.