The financial system can withstand one large institution being brought down, but if many large financial institutions are shut down by a cyberattack, the disruption could last for weeks, he said.
Also, if attackers strike during a particularly volatile period in the market – for example, on one of the “triple” Fridays that occur each quarter when stock options, futures Stock index and stock index options both expire on the same day – the effect can be amplified.
Such an attack would require skill, resources and coordination, something that the opponent has so far failed to demonstrate. Most cyberattacks against financial institutions to date have involved the theft of bank card numbers and account credentials by criminals; Although a number of incidents involving national-backed organizations have occurred, they have all had scope and impact.
In late 2011, Iranian hackers affiliated with the Islamic Revolutionary Guard Corps launched a months-long denial of service campaign against dozens of American financial institutions, including American Express, JPMorgan and Wells Fargo, according to Justice Department documents. The attacks disabled banking websites and locked out hundreds of thousands of customers from online accounts. And in 2016, North Korea-linked hackers broke into Bangladesh Bank and obtained employee credentials to steal $951 million via the Swift network, a messaging system used by financial institutions. finance use. They succeeded in grossing $81 million.
However, more sophisticated and destructive attacks are not out of the question. The New York Cyber Task Force – a group of government and private industry experts convened by Columbia University and led by Mr Rattray – considered a “serious but reasonable” scenario involving to many financial institutions. In the theoretical scenario, described in a report released by the task force this year, North Korean hackers compromised with a third-party service provider, such as a cloud computing company. , to hack into the network of a financial institution and install a self-propagating digital worm. delete data. When other financial institutions communicate with the infected bank, the wiper spreads to their network as well. The scenario highlights how quickly an attack can happen, and how financial institutions focus on protecting their networks from adversaries that could miss the risk of being compromised by their networks. reliable partners.
If this situation turns out to be as the task force imagines, an initiative called Sheltered Harbor should help address at least the loss of data. The program, launched by the industry in 2015, is designed to protect banks from losing valuable data due to cyber attacks – participating banks’ data is encrypted and backed up on a daily basis. date to secure offline storage so that if data is deleted or changed or access to it is blocked, it can be restored.
It’s not just about banking
Under a 2013 White House executive order, the Department of Homeland Security was required to identify critical infrastructure where a cybersecurity incident could have “catastrophic regional or national effects on to public health or safety, economic security or national security”. In the financial sector, DHS and the Treasury Department identified more than two dozen key financial institutions that fit the description, according to the sources, who spoke on condition of anonymity because of the sensitive information.