trending Market Intelligence /marketintelligence/en/news-insights/trending/FHaCDLigVBuYt_mOCUKnUw2 content
Log in to other products

Login to Market Intelligence Platform


Looking for more?

Contact Us

Request a Demo

You're one step closer to unlocking our suite of comprehensive and robust tools.

Fill out the form so we can connect you to the right person.

If your company has a current subscription with S&P Global Market Intelligence, you can register as a new user for access to the platform(s) covered by your license at Market Intelligence platform or S&P Capital IQ.

  • First Name*
  • Last Name*
  • Business Email *
  • Phone *
  • Company Name *
  • City *
  • We generated a verification code for you

  • Enter verification Code here*

* Required

Thank you for your interest in S&P Global Market Intelligence! We noticed you've identified yourself as a student. Through existing partnerships with academic institutions around the globe, it's likely you already have access to our resources. Please contact your professors, library, or administrative staff to receive your student login.

At this time we are unable to offer free trials or product demonstrations directly to students. If you discover that our solutions are not available to you, we encourage you to advocate at your university for a best-in-class learning experience that will help you long after you've completed your degree. We apologize for any inconvenience this may cause.

In This List

Digitization puts banks at higher risk of cyberattack, Moody's says

StreetTalk – Episode 70: Banks' Liquidity Conundrum Could Fuel M&A Activity

Street Talk Episode 70 - Banks' Liquidity Conundrum Could Fuel M&A Activity

StreetTalk – Episode 69: Banks left with pockets full of cash and few places to go

Street Talk – Episode 69: Banks left with pockets full of cash and few places to go

Digitization puts banks at higher risk of cyberattack, Moody's says

Big banks in wealthier economies are at high risk of cyberattacks, as the vast amounts of data they hold makes them attractive targets for criminals, according to rating agency Moody's.

Meanwhile increased digitization creates new vulnerabilities, Moody's said in an Oct. 21 report.

Banks are at high risk from cyberattacks along with securities firms and market infrastructure providers, while asset managers and life insurers face medium risk, according to the report.

While losses from one-off thefts and fraud can hit a bank's profitability in the short term in the form of financial losses and fines from the regulator, data breaches caused by a cyberattack can result in much more far-ranging and "indeterminate" damage, according to the report. This can include higher funding costs, weaker growth and flight of deposits.

Systemic risk

An attack in the form of a major data breach could also imperil the broader financial system.

"A successful attack on a large, highly interconnected bank could pose systemwide risk," Moody's said.

So far, most cyberattacks have not impacted the creditworthiness of the banks affected, but there are a handful of notable exceptions, the rating agency said. Bulgaria's CorpBank was so badly affected by a bank run triggered by a mobile and social media campaign of misinformation by hackers that the central bank, Bulgarian National Bank took it under administration and then went on to revoke its license.

There are differences in the vulnerability to cyberattacks of banks in developing versus developed economies.

In the former, weak internal controls and a lack of regulation or laws concerning cyber security are more likely to create risks.

"Banks in developing markets tend to be smaller, with fewer resources and less developed risk-management infrastructure to identify exposures, take preventative measures and mitigate risk," the report said. "Smaller banks' limited resources to attract and retain sufficiently skilled IT talent means they will increasingly struggle to make the ongoing improvements required to build robust lines of cyber defense and keep up with increasing risk."

But banks in more developed economies are at risk of more sinister threats.

"Large institutions are at greater risk of sophisticated cyber attacks designed to steal or manipulate data, to create significant operational disruption, or simply to generate negative publicity," Moody's said.

Regulators' response

The rating agency also predicts that regulators will become more proactive about cyberrisk.

"Regulatory requirements will increase as policymakers become more attuned to the dire consequences that cyberattacks can pose to financial stability," it said. "We expect regulators to play an instrumental role in introducing global cyber standards and promoting contingency planning within the industry."

One of the most common styles of cyber attack on banks is the distributed denial of service, or DDoS, attack, the report notes. In such attacks, hackers flood the bandwidth of servers, rendering them unusable to customers.

Numerous banks in the U.K. including the digital arm of Lloyds Banking Group PLC suffered such an attack in early 2017, with customers left unable to access their accounts for two days, Moody's noted, citing a report from the U.K. National Crime Agency. However, no accounts were compromised or hacked.

Other recent cyberattacks have had more serious consequences.

In July this year, Capital One Financial Corp., a U.S. domestic bank with a strong presence in the credit card market, was hit by a combined DDoS attack and a data breach which resulted in the information of over 100 million customers being compromised.

While DDoS is effective at paralyzing systems, malware is a "more versatile" form of attack that can be used for data theft or ransom, the report said. The risks from mobile ransomware are increasing as mobile banking becomes more widespread, the report added.