Digitization puts banks at higher risk of cyberattack, Moody's says

Big banks in wealthier economies are at high risk of cyberattacks, as the vast amounts of data they hold make them attractive targets for criminals, according to rating agency Moody's.

Meanwhile, increased digitization creates new vulnerabilities, Moody's said in an Oct. 21 report.

Banks are at high risk from cyberattacks along with securities firms and market infrastructure providers, while asset managers and life insurers face medium risk, according to the report.

While losses from one-off thefts and fraud can hit a bank's profitability in the short term in the form of financial losses and fines from the regulator, data breaches caused by a cyberattack can result in much more far-ranging and "indeterminate" damage, according to the report. This can include higher funding costs, weaker growth and flight of deposits.

Systemic risk

An attack in the form of a major data breach could also imperil the broader financial system.

"A successful attack on a large, highly interconnected bank could pose systemwide risk," Moody's said.

So far, most cyberattacks have not impacted the creditworthiness of the banks affected, but there are a handful of notable exceptions, the rating agency said. Bulgaria's CorpBank was so badly affected by a bank run, triggered by a mobile and social media campaign of misinformation by hackers, that the central bank, Bulgarian National Bank, took it under administration and then went on to revoke its license.

There are differences in the vulnerability to cyberattacks of banks in developing versus developed economies.

In the former, weak internal controls and a lack of regulation or laws concerning cyber security are more likely to create risks.

"Banks in developing markets tend to be smaller, with fewer resources and less developed risk-management infrastructure to identify exposures, take preventative measures and mitigate risk," the report said. "Smaller banks' limited resources to attract and retain sufficiently skilled IT talent means they will increasingly struggle to make the ongoing improvements required to build robust lines of cyber defense and keep up with increasing risk."

But banks in more developed economies are at risk of more sinister threats.

"Large institutions are at greater risk of sophisticated cyber attacks designed to steal or manipulate data, to create significant operational disruption, or simply to generate negative publicity," Moody's said.

Regulators' response

The rating agency also predicts that regulators will become more proactive about cyberrisk.

"Regulatory requirements will increase as policymakers become more attuned to the dire consequences that cyberattacks can pose to financial stability," it said. "We expect regulators to play an instrumental role in introducing global cyber standards and promoting contingency planning within the industry."

One of the most common styles of cyber attack on banks is the distributed denial of service, or DDoS, attack, the report notes. In such attacks, hackers flood the bandwidth of servers, rendering them unusable to customers.

Numerous banks in the U.K., including the digital arm of Lloyds Banking Group PLC, suffered such an attack in early 2017, with customers left unable to access their accounts for two days, Moody's noted, citing a report from the U.K. National Crime Agency. However, no accounts were compromised or hacked.

Other recent cyberattacks have had more serious consequences.

In July this year, Capital One Financial Corp., a U.S. domestic bank with a strong presence in the credit card market, was hit by a combined DDoS attack and a data breach that resulted in the information of over 100 million customers being compromised.

While DDoS is effective at paralyzing systems, malware is a "more versatile" form of attack that can be used for data theft or ransom, the report said. The risks from mobile ransomware are increasing as mobile banking becomes more widespread, the report added.