Cyber Attacks On Banks Could Trigger Financial Crisis

The head of the European Central Bank (ECB) has warned that a combined cyber-attack on important banks could trigger financial crisis and instability.

The financial system has so far weathered larger-scale cyber-attacks, but some now argue that the system has not been properly tested for a systemic cyber-attack. As the connection between cyberspace and the real economy intensifies, amid widely expected further increases in interdependency, interconnectivity, and complexity, the probability that an external shock will affect the financial system and become a systemic event increases.

Christine Lagarde (pictured), the ECB’s president, said that a report by the European Systemic Risk Board (ESRB) estimates the global cost of cyber-attacks at between $45bn and $654bn. “As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said earlier this moneth, adding that there are several “plausible channels” through which a cyber-attack could morph into a serious financial crisis. One such channel might be an operational outage that destroyed or encrypted the balance accounts of a major financial institution could trigger a liquidity crisis. 

The report by the ESRB, which was set up by the European Commission, will look how a cyber incident could, under certain circumstances, rapidly escalate from an operational outage to a liquidity crisis.

It will say that in common with historical financial crises this liquidity crisis could, in certain circumstances, lead to a systemic crisis. At its most recent board meeting the ESRB revealed that it had identified cyber warfare as a source of risk to the financial system.

Last year, the G7 announced a joint cross-border crisis management exercise on a cyber incident affecting the financial system that it carried out in June 2019, saying that cyber risks were increasing and posed a “genuine and growing threat” to the stability and integrity of the financial sector. It was the first exercise of its kind to be organised by finance ministries, central banks, regulators and financial market authorities. It did not reveal the results but the G7 asked its Cyber Experts Group to review financial regulation, and to look at whether the impacts could be measured better. The Trump administration is expected to take up the issue when it assumes the G7 presidency this year.

In her speech, the ECB’s president also said it needed to look the risks and opportunities of issuing central bank digital currencies to respond to changing consumer demand and to strengthen Europe’s place in the world.

Last month, the Bank of England announced it would work with the ECB and the central banks of Canada, Japan, Sweden and Switzerland to share experiences as they assess the potential cases for central bank digital currency (CBDC). Central banks have accelerated their work on digital currencies after Facebook unveiled plans to introduce its Libra cryptocurrency and China said it was developing a digital currency.

Jake Moore, cybersecurity expert at ESET, said: “The recent Travelex ransomware attack highlighted the ease at which taking out one organisation can, in fact, knock on into other companies. “There will always be a cyber-risk posed to the financial industry due to the vast amounts at stake, but this risk is managed to the highest capacity." he said.  

"When companies work together to build more robust defenses we see the potential risk lowered and the best outcomes." 
 

Carnegie Endowment:       ECB Europa:       InfoSecurity Magazine:          Independent:       Image: WEF 

You Might Also Read:

Online Bank Fraud Is Up 40% In The UK:

Bank of England Testing Banks' Cyber Resilience:

 

 

 

« Cyber Incidents Jump Up The Risk Index
It Was The Chinese Army That Hacked Equifax »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LogRhythm

LogRhythm

LogRhythm's security platform unifies SIEM, log management, network and endpoint monitoring, user behaviour analytics, security automation and advanced security analytics.

Guy Carpenter

Guy Carpenter

Guy Carpenter delivers a powerful combination of broking expertise, strategic advisory services, and industry-leading analytics.

One Identity

One Identity

One Identity delivers identity governance, access management, and privileged account management solutions that facilitate and secure your digital transformation.

Shape Security

Shape Security

Shape Security provide best-in-class defense against malicious automated cyberattacks on web and mobile applications.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

Lifespan Technology

Lifespan Technology

Lifespan Technology provides the full range of IT Asset Disposition services. This includes hardware recycling and disposal, data destruction, and hardware resale.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Logit.io

Logit.io

Logit.io is a log analysis & management platform that provides a scalable solution for hosting the open-source tools Elasticsearch, Logstash, and Kibana.

G-71

G-71

G-71 LeaksID is a cutting-edge ITM technology aimed at safeguarding sensitive documents from insider threats.

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

Nexer

Nexer

Nexer is a modern tech company with expertise in strategy, technology and communication with a strong vision.

Windstream

Windstream

Windstream is a leading provider of advanced network communications and technology solutions for consumers, small businesses, enterprise organizations and carrier partners across the US.

Intraframe US

Intraframe US

Intraframe US is a cybersecurity company in Memphis, specializing in Digital Forensics Incident Response and Managed IT services. We provide SMBs with a 24/7 SOC for proactive Cyber Threat Management.

Bytium

Bytium

Bytium provides top-tier IT services and solutions designed to empower everyone, from individuals to global corporations. Specializing in cybersecurity and proactive IT management.

TrustNet

TrustNet

TrustNet helps mid-to-large firms build trust through top-tier cybersecurity, compliance, and consulting—offering complete managed services all in one place.