Security by Sector: Cyber-Attack Could Create Financial Crisis, Says ECB Chief

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?

The cyber-risks surrounding the financial sector are well-documented, but the head of the European Central Bank (ECB) has warned that a combined cyber-attack on important banks could trigger financial crisis and instability.

As reported by the Independent, Christine Lagarde, the ECB’s president, said in a speech in France that, according to the European Systemic Risk Board (ESRB), the global cost of cyber-attacks is estimated to be between $45bn and $654bn.

“As an operator of critical infrastructures, the ECB obviously takes such threats very seriously,” she said, adding that there are multiple ways in which a cyber-attack that affected the balance accounts of a major financial institution could trigger a liquidity crisis.

“History shows that liquidity crises can quickly become systemic crises,” Lagarde continued. 

That’s pretty concerning given the fact that researchers at Fortinet recently discovered a Trojan malware campaign that is targeting online banking users around the world with the aim of stealing credit card information, finances and other personal details.  

“This is a particularly sly method by which the Trojan captures passwords when users enter them, something that won’t raise suspicions of most people infected,” said Javvad Malik, security awareness advocate at KnowBe4.

“Coupled with the fact that it uses anti-virus evasion techniques, it is even more likely to succeed,” he added.

Lagarde, who will step down from her role in September, also said that the ECB must assess the risks and opportunities surrounding central bank digital currencies in response to changing consumer demands.

Jake Moore, cybersecurity expert at ESET, commented: “The recent Travelex ransomware attack highlighted the ease at which taking out one organization can, in fact, knock on into other companies.

“There will always be a cyber-risk posed to the financial industry due to the vast amounts at stake, but this risk is managed to the highest capacity. When companies work together to build more robust defenses we see the potential risk lowered and the best outcomes. When a bank heist is attempted, it is best to share the attack vectors within the industry to learn from best practice and create stronger security.”

What’s Hot on Infosecurity Magazine?