A Cyber Attack Could Spark A Run On Banks

A cyber-attack on financial institutions could undermine consumer confidence and spark a run on the banks, warned a new report by the Monetary Authority of Singapore (MAS)

It noted that the level of confidence in the financial system is a significant factor in determining whether such an attack would lead to wider systemic problems.

"Because data integrity is key in the financial sector, the loss of confidence in the damage scenario could be very severe... especially if data manipulation has gone undetected for a prolonged period," said the report by the MAS.

It added that while banks can mitigate the impact of a cyber-attack by ensuring they are underpinned by healthy levels of capital, "the impact of a loss of confidence in a bank can be hard to estimate or predict". The report said: "A loss of confidence is likely to render the bank more vulnerable, with knock-on effects to the wider financial system. For instance, a loss of confidence in a bank could lead to a run on deposits."

It comes on the back of guidelines the Association of Banks in Singapore released earlier this month that aim to strengthen the financial sector's cyber resilience. They provide financial institutions with best practices on how to conduct attacks that test their defences by using the techniques employed by hackers.

Cyber threats are constantly changing and the perpetrators' motivations will continue to evolve, the MAS noted in the review, which was released last Friday.

"The relationship between cyber-attacks and financial stability is increasingly important to understand," it said, warning that no one is immune to such threats. The WannaCry ransomware campaign, for example, hit both companies and countries last year and disrupted operations across the world.

The MAS study considered a range of scenarios, including the theft of money and data from a bank, disruption of its client-facing, trading and payment systems, and the corruption of its database. It said attacks can be prevented from causing systemic problems if the Government works with banks to coordinate crisis communication to ensure consistent messages.

Another avenue is to impose temporary market closures or bank holidays to stop panic spreading into the wider financial system. The authorities could also provide banks with liquidity to tide them over stresses.

Most attacks could have been prevented if institutions practiced basic cyber hygiene, the MAS said.
In September, it started a public consultation to make legally binding a set of six key cyber security steps to protect bank IT systems.

But financial institutions must also do their part by putting in place business continuity plans in case of an attack and to test them regularly in a realistic manner, it noted.

"Early detection and an effective incident response can help to contain the consequences and mitigate the impact of a cyber-attack not just within a bank, but also to the broader financial sector," the MAS said. It also encouraged the global financial industry to work together: 

"One institution's cyber incident can contribute to strengthening the defences of other institutions if information on cyber threats, incidents and lessons learnt are shared.

"Similar to information sharing between financial institutions, regulators stand to gain from sharing cyber threat information as it enhances their supervision and policymaking."

Straits Times:

You Might Also Read:

Singapore’s Giant Healthcare Hack:

Singapore: The Place To Launch Cyber Attacks From:

« US Dept. Of Energy CyberForce Student Competition
AI Will Monitor 3D Printing »

Perimeter 81

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

WEBINAR: How To Build A Security Observability Strategy In AWS

WEBINAR: How To Build A Security Observability Strategy In AWS

Thursday, Apr 22, 2021 - Join this webinar to learn how to build a security observability strategy in AWS, covering cloud-native monitoring sources, guardrails, and automation capabilities.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Labris Networks

Labris Networks

Labris Networks specializes in DDoS mitigation, NG Firewall, Unified Threat Management, Centralized Management, Regulatory Compliances and SOC/CERT Services.

Sphera Solutions

Sphera Solutions

Sphera is a global provider of software and information services in the operational risk, environmental performance and product stewardship markets.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

Nehemia Security

Nehemia Security

Nehemiah Security delivers a security risk management and analytics platform that empowers business leaders to make better, more actionable decisions.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

Africa Cybersecurity and Digital Rights Organisation (ACDRO)

Africa Cybersecurity and Digital Rights Organisation (ACDRO)

ACDRO is a non-governmental Organisation pioneering Digital Rights and promoting cybersecurity awareness within the digital environment in Africa.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.