A Cyber Attack Could Spark A Run On Banks

A cyber-attack on financial institutions could undermine consumer confidence and spark a run on the banks, warned a new report by the Monetary Authority of Singapore (MAS)

It noted that the level of confidence in the financial system is a significant factor in determining whether such an attack would lead to wider systemic problems.

"Because data integrity is key in the financial sector, the loss of confidence in the damage scenario could be very severe... especially if data manipulation has gone undetected for a prolonged period," said the report by the MAS.

It added that while banks can mitigate the impact of a cyber-attack by ensuring they are underpinned by healthy levels of capital, "the impact of a loss of confidence in a bank can be hard to estimate or predict". The report said: "A loss of confidence is likely to render the bank more vulnerable, with knock-on effects to the wider financial system. For instance, a loss of confidence in a bank could lead to a run on deposits."

It comes on the back of guidelines the Association of Banks in Singapore released earlier this month that aim to strengthen the financial sector's cyber resilience. They provide financial institutions with best practices on how to conduct attacks that test their defences by using the techniques employed by hackers.

Cyber threats are constantly changing and the perpetrators' motivations will continue to evolve, the MAS noted in the review, which was released last Friday.

"The relationship between cyber-attacks and financial stability is increasingly important to understand," it said, warning that no one is immune to such threats. The WannaCry ransomware campaign, for example, hit both companies and countries last year and disrupted operations across the world.

The MAS study considered a range of scenarios, including the theft of money and data from a bank, disruption of its client-facing, trading and payment systems, and the corruption of its database. It said attacks can be prevented from causing systemic problems if the Government works with banks to coordinate crisis communication to ensure consistent messages.

Another avenue is to impose temporary market closures or bank holidays to stop panic spreading into the wider financial system. The authorities could also provide banks with liquidity to tide them over stresses.

Most attacks could have been prevented if institutions practiced basic cyber hygiene, the MAS said.
In September, it started a public consultation to make legally binding a set of six key cyber security steps to protect bank IT systems.

But financial institutions must also do their part by putting in place business continuity plans in case of an attack and to test them regularly in a realistic manner, it noted.

"Early detection and an effective incident response can help to contain the consequences and mitigate the impact of a cyber-attack not just within a bank, but also to the broader financial sector," the MAS said. It also encouraged the global financial industry to work together: 

"One institution's cyber incident can contribute to strengthening the defences of other institutions if information on cyber threats, incidents and lessons learnt are shared.

"Similar to information sharing between financial institutions, regulators stand to gain from sharing cyber threat information as it enhances their supervision and policymaking."

Straits Times:

You Might Also Read:

Singapore’s Giant Healthcare Hack:

Singapore: The Place To Launch Cyber Attacks From:

« US Dept. Of Energy CyberForce Student Competition
AI Will Monitor 3D Printing »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

iTrinegy

iTrinegy

iTrinegy is a world leader in Application Risk Management offering solutions to mitigate all networked application deployment risks

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

MSG Systems

MSG Systems

MSG are committed to intelligent IT and industry solutions and offer independent consulting on all aspects of information security.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

Crosscheck Networks

Crosscheck Networks

Crosscheck products allow you to test your APIs across different protocols and message formats with functional automation, performance, and security testing capabilities.

PSYND

PSYND

PSYND is a Swiss consultancy company based in Geneva specialized in CyberSecurity and Identity & Access Management.

SIS Certifications (SIS CERT)

SIS Certifications (SIS CERT)

SIS Certifications is an ISO certification body serving more than 10,000 clients in over 15 countries worldwide.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

443ID

443ID

443ID brings OSINT data to Identity Security professionals on any digital platform.

ALSCO

ALSCO

ALSCO is dedicated to bringing first class IT services, technical support, and solutions to goverment, companies and organizations worldwide.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

Antivirus Tales

Antivirus Tales

Antivirus Tales offers a platform to resolve all types of antivirus-related issues. The platform also provide various blog articles and informative guides to fix antivirus software errors.

XONA Systems

XONA Systems

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.

CyberSG TIG Centre

CyberSG TIG Centre

CyberSG TIG Centre aims to propel Singapore as the world’s premier cybersecurity innovation hub for economic growth.