Banks facing even bigger risk of cyber attacks - Moody's

Global retail and commercial banks are facing an increasing risk of cyber attacks as their operations become more digitised, Moody's Investors Service has warned in a new report.

Cyber attacks can in turn end up impacting a bank's credit standing through financial losses, erosion of brand value and regulatory consequences, the rating agency added.

The Moody's research for the report suggests that cyber attackers target banks in developed and developing markets alike.

Greater rewards

Banks in developed and wealthy markets are possibly more exposed because of their more prevalent digitalisation, as well as the more lucrative potential rewards of a successful cybercrime attempt. Larger banks in advanced and wealthy markets are at risk because of more widespread digitalisation and the high value of the data they house.

On the other hand, this is counterbalanced by access to security measures. 

"Smaller banks in developing markets often have fewer resources for cyber defence and internal controls, making them an easy target for financial theft," says Sophia Lee, a Moody's vice president and senior credit officer.

"Cyber attacks often target weak links in payment networks or in banks' data platforms and vendors. Smaller banks have fewer resources for cyber defence, often have weaker internal controls and may operate in jurisdictions with few or no cybersecurity laws or regulations.

Escalating losses

The report found that financial losses commonly occur via theft and fraud, and they generally affect banks through one-off reductions in profit and potentially capitalisation. More lasting franchise erosion, with indeterminate losses, can result from large data breaches or business disruption.

According to the report, the costs incurred from cyber attacks can escalate quickly as they increase in sophistication and simultaneously target multiple institutions.

Furthermore, the increasing popularity of social networks can also be abused to quicken the propagation and increase the ferocity of cyber attacks, amplifying their potential to destabilise the financial system. In more extreme cases, this could threaten the viability of the targeted bank, states the report.

According to Kaspersky's Managed Detection and Response Analytics Report, sophisticated targeted attacks often use so-called "living off the land" techniques, which hide malicious activity within legitimate user and administrator behaviour.

"If you don't see a large number of 'false-positive' events in your network, that probably means that you are missing a lot of important security incidents," says Sergey Soldatov, head of the security operation centre at Kaspersky.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Brent Crude
All Share
Top 40
Financial 15
Industrial 25
Resource 10
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Do you think it was a good idea for the government to approach the IMF for a $4.3 billion loan to fight Covid-19?
Please select an option Oops! Something went wrong, please try again later.
Yes. We need the money.
11% - 1501 votes
It depends on how the funds are used.
73% - 9706 votes
No. We should have gotten the loan elsewhere.
16% - 2155 votes