Cyber Attacks On Banks Could Trigger Financial Crisis

The head of the European Central Bank (ECB) has warned that a combined cyber-attack on important banks could trigger financial crisis and instability.

The financial system has so far weathered larger-scale cyber-attacks, but some now argue that the system has not been properly tested for a systemic cyber-attack. As the connection between cyberspace and the real economy intensifies, amid widely expected further increases in interdependency, interconnectivity, and complexity, the probability that an external shock will affect the financial system and become a systemic event increases.

Christine Lagarde (pictured), the ECB’s president, said that a report by the European Systemic Risk Board (ESRB) estimates the global cost of cyber-attacks at between $45bn and $654bn. “As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said earlier this moneth, adding that there are several “plausible channels” through which a cyber-attack could morph into a serious financial crisis. One such channel might be an operational outage that destroyed or encrypted the balance accounts of a major financial institution could trigger a liquidity crisis. 

The report by the ESRB, which was set up by the European Commission, will look how a cyber incident could, under certain circumstances, rapidly escalate from an operational outage to a liquidity crisis.

It will say that in common with historical financial crises this liquidity crisis could, in certain circumstances, lead to a systemic crisis. At its most recent board meeting the ESRB revealed that it had identified cyber warfare as a source of risk to the financial system.

Last year, the G7 announced a joint cross-border crisis management exercise on a cyber incident affecting the financial system that it carried out in June 2019, saying that cyber risks were increasing and posed a “genuine and growing threat” to the stability and integrity of the financial sector. It was the first exercise of its kind to be organised by finance ministries, central banks, regulators and financial market authorities. It did not reveal the results but the G7 asked its Cyber Experts Group to review financial regulation, and to look at whether the impacts could be measured better. The Trump administration is expected to take up the issue when it assumes the G7 presidency this year.

In her speech, the ECB’s president also said it needed to look the risks and opportunities of issuing central bank digital currencies to respond to changing consumer demand and to strengthen Europe’s place in the world.

Last month, the Bank of England announced it would work with the ECB and the central banks of Canada, Japan, Sweden and Switzerland to share experiences as they assess the potential cases for central bank digital currency (CBDC). Central banks have accelerated their work on digital currencies after Facebook unveiled plans to introduce its Libra cryptocurrency and China said it was developing a digital currency.

Jake Moore, cybersecurity expert at ESET, said: “The recent Travelex ransomware attack highlighted the ease at which taking out one organisation can, in fact, knock on into other companies. “There will always be a cyber-risk posed to the financial industry due to the vast amounts at stake, but this risk is managed to the highest capacity." he said.  

"When companies work together to build more robust defenses we see the potential risk lowered and the best outcomes." 
 

Carnegie Endowment:       ECB Europa:       InfoSecurity Magazine:          Independent:       Image: WEF 

You Might Also Read:

Online Bank Fraud Is Up 40% In The UK:

Bank of England Testing Banks' Cyber Resilience:

 

 

 

« Cyber Incidents Jump Up The Risk Index
It Was The Chinese Army That Hacked Equifax »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

Intelligence-sec

Intelligence-sec

Intelligence-Sec is a fully integrated Conferences and Exhibitions Company managing and producing topical events for the security industry.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Cyber Risk Opportunities

Cyber Risk Opportunities

Cyber Risk Opportunities was formed to enable middle-market executives to become more proficient cyber risk managers so their organizations can thrive.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

APERIO

APERIO

APERIO, the global leader in industrial data integrity, helps its customers drive profitability and sustainability while mitigating risk in their industrial operations.

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

Telecommunications & Digital Government Regulatory Authority (TDRA) - UAE

TDRA focuses on regulating the telecommunications sector and enabling government entities in the field of smart transformation. It is responsible for the overall digital infrastructure in the UAE.

Conference Index

Conference Index

Conference Index provides an indexed listing of upcoming meetings, seminars, congresses, workshops, summits and symposiums across a wide range of subjects including Cybersecurity.

In-Sec-M

In-Sec-M

In-Sec-M is a non-profit organization that brings together companies, learning and research institutions, and government actors to increase competitiveness of the Canadian cybersecurity industry.

e5 Lab

e5 Lab

e5 Lab seeks to develop solutions to challenges faced by the shipping industry including digital transformation, autonomous technologies and big data in order to promote safe and efficient operations.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

Iris Powered by Generali

Iris Powered by Generali

Iris Powered by Generali is an identity theft resolution provider. Our offering combines expert assistance and support with user-friendly identity protection technology.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Exodata

Exodata

Exodata is a French digital services company specializing in the outsourcing of IT Systems and solutions.