Banks facing even bigger risk of cyber attacks - Moody's

Global retail and commercial banks are facing an increasing risk of cyber attacks as their operations become more digitised, Moody's Investors Service has warned in a new report.

Cyber attacks can in turn end up impacting a bank's credit standing through financial losses, erosion of brand value and regulatory consequences, the rating agency added.

The Moody's research for the report suggests that cyber attackers target banks in developed and developing markets alike.

Greater rewards

Banks in developed and wealthy markets are possibly more exposed because of their more prevalent digitalisation, as well as the more lucrative potential rewards of a successful cybercrime attempt. Larger banks in advanced and wealthy markets are at risk because of more widespread digitalisation and the high value of the data they house.

On the other hand, this is counterbalanced by access to security measures. 

"Smaller banks in developing markets often have fewer resources for cyber defence and internal controls, making them an easy target for financial theft," says Sophia Lee, a Moody's vice president and senior credit officer.

"Cyber attacks often target weak links in payment networks or in banks' data platforms and vendors. Smaller banks have fewer resources for cyber defence, often have weaker internal controls and may operate in jurisdictions with few or no cybersecurity laws or regulations.

Escalating losses

The report found that financial losses commonly occur via theft and fraud, and they generally affect banks through one-off reductions in profit and potentially capitalisation. More lasting franchise erosion, with indeterminate losses, can result from large data breaches or business disruption.

According to the report, the costs incurred from cyber attacks can escalate quickly as they increase in sophistication and simultaneously target multiple institutions.

Furthermore, the increasing popularity of social networks can also be abused to quicken the propagation and increase the ferocity of cyber attacks, amplifying their potential to destabilise the financial system. In more extreme cases, this could threaten the viability of the targeted bank, states the report.

According to Kaspersky's Managed Detection and Response Analytics Report, sophisticated targeted attacks often use so-called "living off the land" techniques, which hide malicious activity within legitimate user and administrator behaviour.

"If you don't see a large number of 'false-positive' events in your network, that probably means that you are missing a lot of important security incidents," says Sergey Soldatov, head of the security operation centre at Kaspersky.