A Cyber Attack Could Spark A Run On Banks

Uploaded on 2018-11-30 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

A cyber-attack on financial institutions could undermine consumer confidence and spark a run on the banks, warned a new report by the Monetary Authority of Singapore (MAS)

It noted that the level of confidence in the financial system is a significant factor in determining whether such an attack would lead to wider systemic problems.

"Because data integrity is key in the financial sector, the loss of confidence in the damage scenario could be very severe... especially if data manipulation has gone undetected for a prolonged period," said the report by the MAS.

It added that while banks can mitigate the impact of a cyber-attack by ensuring they are underpinned by healthy levels of capital, "the impact of a loss of confidence in a bank can be hard to estimate or predict". The report said: "A loss of confidence is likely to render the bank more vulnerable, with knock-on effects to the wider financial system. For instance, a loss of confidence in a bank could lead to a run on deposits."

It comes on the back of guidelines the Association of Banks in Singapore released earlier this month that aim to strengthen the financial sector's cyber resilience. They provide financial institutions with best practices on how to conduct attacks that test their defences by using the techniques employed by hackers.

Cyber threats are constantly changing and the perpetrators' motivations will continue to evolve, the MAS noted in the review, which was released last Friday.

"The relationship between cyber-attacks and financial stability is increasingly important to understand," it said, warning that no one is immune to such threats. The WannaCry ransomware campaign, for example, hit both companies and countries last year and disrupted operations across the world.

The MAS study considered a range of scenarios, including the theft of money and data from a bank, disruption of its client-facing, trading and payment systems, and the corruption of its database. It said attacks can be prevented from causing systemic problems if the Government works with banks to coordinate crisis communication to ensure consistent messages.

Another avenue is to impose temporary market closures or bank holidays to stop panic spreading into the wider financial system. The authorities could also provide banks with liquidity to tide them over stresses.

Most attacks could have been prevented if institutions practiced basic cyber hygiene, the MAS said.
In September, it started a public consultation to make legally binding a set of six key cyber security steps to protect bank IT systems.

But financial institutions must also do their part by putting in place business continuity plans in case of an attack and to test them regularly in a realistic manner, it noted.

"Early detection and an effective incident response can help to contain the consequences and mitigate the impact of a cyber-attack not just within a bank, but also to the broader financial sector," the MAS said. It also encouraged the global financial industry to work together: 

"One institution's cyber incident can contribute to strengthening the defences of other institutions if information on cyber threats, incidents and lessons learnt are shared.

"Similar to information sharing between financial institutions, regulators stand to gain from sharing cyber threat information as it enhances their supervision and policymaking."

Straits Times:

You Might Also Read:

Singapore’s Giant Healthcare Hack:

Singapore: The Place To Launch Cyber Attacks From:

« US Dept. Of Energy CyberForce Student Competition
AI Will Monitor 3D Printing »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Exostar

Exostar

Exostar is the cloud platform of choice for secure enterprise and supply chain collaboration solutions and identity and access management expertise.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

Network Integrated Business Solutions (NIBS)

Network Integrated Business Solutions (NIBS)

NIBS is an IT services provider offering a range of services with the aim of simplifying and securing technology.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Incognito Forensic Foundation Lab (IFF Lab)

Incognito Forensic Foundation Lab (IFF Lab)

IFF Lab is a premier cyber and digital forensics lab in India that offers forensic services and solutions, cyber security analysis and assessment, IT support, training and consultation.

Improsec

Improsec

Improsec is a fully independent Cyber Security advisory company - we provide knowledge, experience and both strategic and deep technical expertise to our clients.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

Detego Global

Detego Global

Detego Global are the creators of the Detego® Unified Digital Forensics Platform, a suite of modular tools used globally by military, law enforcement and intelligence agencies, and enterprises.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Cyber News Live (CNL)

Cyber News Live (CNL)

Cyber News Live provide vital information and raise awareness about all things 'cyber' to ensure you stay protected in the digital world.

Brunswick Group

Brunswick Group

Brunswick is a critical issues firm. We advise the world’s leading companies on how to navigate the critical issues they face and engage with their critical stakeholders.

Lupasafe

Lupasafe

Lupasafe is a software for businesses to see IT risks and insights, and provide vital training for employees.