Cyber Attacks On Banks Could Trigger Financial Crisis

The head of the European Central Bank (ECB) has warned that a combined cyber-attack on important banks could trigger financial crisis and instability.

The financial system has so far weathered larger-scale cyber-attacks, but some now argue that the system has not been properly tested for a systemic cyber-attack. As the connection between cyberspace and the real economy intensifies, amid widely expected further increases in interdependency, interconnectivity, and complexity, the probability that an external shock will affect the financial system and become a systemic event increases.

Christine Lagarde (pictured), the ECB’s president, said that a report by the European Systemic Risk Board (ESRB) estimates the global cost of cyber-attacks at between $45bn and $654bn. “As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said earlier this moneth, adding that there are several “plausible channels” through which a cyber-attack could morph into a serious financial crisis. One such channel might be an operational outage that destroyed or encrypted the balance accounts of a major financial institution could trigger a liquidity crisis. 

The report by the ESRB, which was set up by the European Commission, will look how a cyber incident could, under certain circumstances, rapidly escalate from an operational outage to a liquidity crisis.

It will say that in common with historical financial crises this liquidity crisis could, in certain circumstances, lead to a systemic crisis. At its most recent board meeting the ESRB revealed that it had identified cyber warfare as a source of risk to the financial system.

Last year, the G7 announced a joint cross-border crisis management exercise on a cyber incident affecting the financial system that it carried out in June 2019, saying that cyber risks were increasing and posed a “genuine and growing threat” to the stability and integrity of the financial sector. It was the first exercise of its kind to be organised by finance ministries, central banks, regulators and financial market authorities. It did not reveal the results but the G7 asked its Cyber Experts Group to review financial regulation, and to look at whether the impacts could be measured better. The Trump administration is expected to take up the issue when it assumes the G7 presidency this year.

In her speech, the ECB’s president also said it needed to look the risks and opportunities of issuing central bank digital currencies to respond to changing consumer demand and to strengthen Europe’s place in the world.

Last month, the Bank of England announced it would work with the ECB and the central banks of Canada, Japan, Sweden and Switzerland to share experiences as they assess the potential cases for central bank digital currency (CBDC). Central banks have accelerated their work on digital currencies after Facebook unveiled plans to introduce its Libra cryptocurrency and China said it was developing a digital currency.

Jake Moore, cybersecurity expert at ESET, said: “The recent Travelex ransomware attack highlighted the ease at which taking out one organisation can, in fact, knock on into other companies. “There will always be a cyber-risk posed to the financial industry due to the vast amounts at stake, but this risk is managed to the highest capacity." he said.  

"When companies work together to build more robust defenses we see the potential risk lowered and the best outcomes." 
 

Carnegie Endowment:       ECB Europa:       InfoSecurity Magazine:          Independent:       Image: WEF 

You Might Also Read:

Online Bank Fraud Is Up 40% In The UK:

Bank of England Testing Banks' Cyber Resilience:

 

 

 

« Cyber Incidents Jump Up The Risk Index
It Was The Chinese Army That Hacked Equifax »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

Lawley Insurance

Lawley Insurance

Lawley is a full-service, independent insurance agency. Specialty insurance products include Cyber Security.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Xcina Consulting (XCL)

Xcina Consulting (XCL)

Xcina Consulting provides high quality business and technology risk assurance and advisory services.

Plurilock Security Solutions

Plurilock Security Solutions

Plurilock is a real-time cybersecurity solution that uses artificial intelligence to identify, prevent, and eliminate insider threats.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

PRESENSE Technologies

PRESENSE Technologies

PRESENSE Technologies specializes in monitoring and enforcing IT security policies at critical points in the network and on end systems.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

Bellvista Capital

Bellvista Capital

Bellvista Capital connects entrepreneurs with capital and unmatched business expertise in the technology areas of Cloud Computing, Cyber Security and Data Analytics.

spiderSilk

spiderSilk

spiderSilk is a Dubai-based cybersecurity firm, specializing in simulating the most advanced cyber offenses on your technology so you can build your best security defenses.

Cider Security

Cider Security

Cider Security - It’s time to revolutionize the way Security, Dev and DevOps teams work together to supercharge security at the speed of engineering.

Istari

Istari

ISTARI is a new kind of cyber risk management company. We’re an agile collective of best-in-class capabilities and experts, who build ongoing partnerships with clients.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

True North Solutions

True North Solutions

True North Solutions provides a wide range of fully customized, vendor-neutral industrial engineering and OT automation solutions to companies across North America and around the world.

CrashPlan

CrashPlan

CrashPlan provides peace of mind through secure, scalable, and straightforward endpoint data backup.