European Banks to Run Cyber Stress Tests As ECB Notes Rise in Cyber Attacks

Amid a US banking crisis and fears of a looming widespread financial crash rising with the Credit Suisse bailout, increases in cyber attacks adds another level of uncertainty. The European Central Bank (ECB) has shared its concerns over the recent spate of attacks by telling banks to run cyber stress tests. The ECB has now requested that all major lenders in the eurozone detail how they would respond to and recover from a successful cyber attack by 2024.

This will be the first major cyber stress test of its kind run by the ECB. It comes after a substantial rise in cyber attacks following the war in Ukraine. According to a report released by the ECB, the number of ransomware strains saw a sharp increase in 2022. While many claim a majority of these attacks are Kremlin-sponsored, the ECB hasn’t attributed the rise to any specific actors. It has, however, acknowledged that the spikes in malicious activity corresponds with the war.

What does this spell for the future of financial markets and the security of your financial assets, wherever you may store them? The ECB’s focus on preventative measures is a positive step forward and indicates where everyone should be directing their efforts.

The Rise in Cyber Attacks Leads to Worry

The 2022 Systemic Risk Survey shows 74% of respondents deemed cyber attacks to be the highest risk to the financial sector. Banks are big targets for cybercriminals because they store and process massive amounts of monetary transactions every day, which creates lots of room for error. 

While banks have stepped up their game in recent years, an EY survey shows 58% of CROs are concerned by their organization’s inability to manage cybersecurity risks.

Red bar graph showing increase in cyber attacks over years
Cyber attacks keep rising but the threat landscape is changing to include more geopolitically-fueled attacks.

The geopolitical landscape has also dominated discussions on the financial threat landscape in the past year with many reports referencing the war in Ukraine. The ENISA Threat Landscape 2022 report mentions significant increases in hacktivist activity and the mobilization of state-sponsored hacktivists during the conflict.

The report also mentions resourceful threat actors increasing their capabilities by utilizing more 0-day exploits, supply chain attacks, and attacks against Managed Services Providers (MSPs). This is especially concerning as organizations’ defenses can serve as a deterrent for attack on their own, extremely complex and up-to-date cybersecurity systems are more expensive to penetrate. Unfortunately, the former kind threats circumvent much of the latter.

Given the prevalence of reports like these, it’s understandable why the ECB would want to make sure banking institutions are prepared to face the onslaught of attacks.

Financial Market Woes is an Unaffordable Uncertainty

Two banks in the US, Signature Bank and Silicon Valley Bank (SVB), have collapsed this month. Shares in many banks around the world have also taken a dive, and Credit Suisse just had to be bailed out by the Swiss central bank. The US central bank recently reported a surge in requests for emergency lending to banks to boost their funds.

Photo of investments tanking on stock market
Banking crashes and other market stressors is creating a lot of anxiety in the financial sector

All of these developments and other indicators of global recession point to extreme market stress in the near future. Some even claim we’re heading for a market crash, and things have gotten to a point that president Biden had to assure people their money is safe.

These concerning developments add an unaffordable level of risk to the security of financial institutions as it directs their attention away from safety. When companies are distracted with staying afloat, they’re not focusing on cybersecurity. This also opens up these financial institutions to new types of spear phishing attacks and other types of threats from cybercriminals.

Cyber attacks could be especially disastrous to banks and other financial institutions as the markets take a turn for the worse. It would lead to massive financial losses, which are normally devastating but could now be catastrophic. It might also make it impossible for struggling institutions to recover, where they normally might have bounced back.

Strengthening Cybersecurity is the Only Way Forward

An ECB spokesperson said the goal of this exercise is to determine “how banks are able to respond to and recover from a successful cyberattack.” The ECB hopes to have the stress test results by the middle of 2024. It hasn’t stated whether it provided companies with any recommendations or what it will do with the test results. 

Yet, with this move, the ECB provides us with an important reminder: you can’t prevent all cyber attacks but there are things you can do to stay prepared. This isn’t just good advice for banks or companies in the financial sector, but for everyone who does online banking as well. Cybercriminals don’t just target big companies — anyone can become a victim of phishing scams, ransomware, malware, and identity theft with the aim to steal your data or funds. 

Taking preventative measures to make it as hard for cybercriminals as possible is your only means of fighting back. This should include using strong and unique passwords, enabling multi-factor authentication, being careful when receiving links or files to download, and using a VPN to secure your connection. CyberGhost uses impenetrable 256-bit AES VPN encryption to make it impossible for attackers to hijack your connection and spy on your online traffic.

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*