Cyber Attacks On Banks Could Trigger Financial Crisis

The head of the European Central Bank (ECB) has warned that a combined cyber-attack on important banks could trigger financial crisis and instability.

The financial system has so far weathered larger-scale cyber-attacks, but some now argue that the system has not been properly tested for a systemic cyber-attack. As the connection between cyberspace and the real economy intensifies, amid widely expected further increases in interdependency, interconnectivity, and complexity, the probability that an external shock will affect the financial system and become a systemic event increases.

Christine Lagarde (pictured), the ECB’s president, said that a report by the European Systemic Risk Board (ESRB) estimates the global cost of cyber-attacks at between $45bn and $654bn. “As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said earlier this moneth, adding that there are several “plausible channels” through which a cyber-attack could morph into a serious financial crisis. One such channel might be an operational outage that destroyed or encrypted the balance accounts of a major financial institution could trigger a liquidity crisis. 

The report by the ESRB, which was set up by the European Commission, will look how a cyber incident could, under certain circumstances, rapidly escalate from an operational outage to a liquidity crisis.

It will say that in common with historical financial crises this liquidity crisis could, in certain circumstances, lead to a systemic crisis. At its most recent board meeting the ESRB revealed that it had identified cyber warfare as a source of risk to the financial system.

Last year, the G7 announced a joint cross-border crisis management exercise on a cyber incident affecting the financial system that it carried out in June 2019, saying that cyber risks were increasing and posed a “genuine and growing threat” to the stability and integrity of the financial sector. It was the first exercise of its kind to be organised by finance ministries, central banks, regulators and financial market authorities. It did not reveal the results but the G7 asked its Cyber Experts Group to review financial regulation, and to look at whether the impacts could be measured better. The Trump administration is expected to take up the issue when it assumes the G7 presidency this year.

In her speech, the ECB’s president also said it needed to look the risks and opportunities of issuing central bank digital currencies to respond to changing consumer demand and to strengthen Europe’s place in the world.

Last month, the Bank of England announced it would work with the ECB and the central banks of Canada, Japan, Sweden and Switzerland to share experiences as they assess the potential cases for central bank digital currency (CBDC). Central banks have accelerated their work on digital currencies after Facebook unveiled plans to introduce its Libra cryptocurrency and China said it was developing a digital currency.

Jake Moore, cybersecurity expert at ESET, said: “The recent Travelex ransomware attack highlighted the ease at which taking out one organisation can, in fact, knock on into other companies. “There will always be a cyber-risk posed to the financial industry due to the vast amounts at stake, but this risk is managed to the highest capacity." he said.  

"When companies work together to build more robust defenses we see the potential risk lowered and the best outcomes." 
 

Carnegie Endowment:       ECB Europa:       InfoSecurity Magazine:          Independent:       Image: WEF 

You Might Also Read:

Online Bank Fraud Is Up 40% In The UK:

Bank of England Testing Banks' Cyber Resilience:

 

 

 

« Cyber Incidents Jump Up The Risk Index
It Was The Chinese Army That Hacked Equifax »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Pen Test Partners LLP

Pen Test Partners LLP

Pen Test Partners provides penetration testing, security assessment and training services.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

Agesic

Agesic

Agesic is an institution that leads the development of the Digital Government and the Information and Knowledge Society in Uruguay.

Vesta

Vesta

Vesta Corporation is a global provider of a scalable suite of fraud and payment solutions for online commerce.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

CyberNews

CyberNews

Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions

The ARIA ADR Automatic Detection & Response solution was designed to find, verify, and stop all types of attacks - automatically and in real time.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

Nomios

Nomios

Nomios develops innovative solutions for your security and network challenges. We design, secure and manage your digital infrastructure.

Wib

Wib

Wib is an API security leader. We are the only company providing a solution for the entire API development lifecycle.

Cenobe Cyber Security

Cenobe Cyber Security

Cenobe provides customized solutions to keep you ahead of potential threats and ensure the security of your organization's systems and data.

Omantel Innovation Labs

Omantel Innovation Labs

The Omantel Innovation Labs is a platform to enable startups and innovators to develop and commercialize solutions within selected technology verticals including cybersecurity.

Radix Technologies

Radix Technologies

Radix offer end-to-end device management solutions, consolidating all the organization devices, processes and stakeholders into one easy-to-use management platform.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.