The G7 nations will be holding a simulated cyber-attack this month to test the possible effects of a serious malware infection on the financial sector.
The attack simulation was organised by the French central bank under France’s presidency of the Group of Seven nations (G7). The three-day exercise will be aimed at demonstrating the cross-border effects of such an attack and will involve 24 financial authorities from the seven countries, comprising central banks, market authorities and finance ministries. It has been reported that representatives of the private sector in France, Italy Germany and Japan will also participate in the simulation.
As reported in March in a report by the Carnegie Endowment for International Peace (co-developed with British defence company BAE Systems), state-sponsored cyber attacks on financial institutions are becoming more frequent, resulting in destructive and disruptive damages rather than just theft.
The report highlighted how, of the 94 cases of cyber attacks reported as financial crimes since 2007, the attackers behind 23 of them were believed to be state-sponsored. Most of these state-sponsored attacks are reported to have come from countries such as Iran, Russia, China and North Korea.
The report pointed out that the number of cyber attacks linked to nations jumped to six in 2018 from two in 2017 and two in 2016.
State-sponsored attacks can take the form of direct nation-state activity and/or proxy activity carried out by criminals and “hacktivists”.
State-Sponsored Attacks – Examples
An example of the kind of state-sponsored hacking that has led to the need for simulations is the attack by North Korean hackers on the Bank of Chile’s ATM network in January, the result of which was a theft of £7.5 million.
Also, in 2018 it was alleged that North Korean hackers accessed the systems of India’s Cosmos Bank and took nearly $13.5 million in simultaneous withdrawals across 28 countries.
As far back as 2016 North Korean hackers took $81 million after breaching Bangladesh Bank’s systems and using the SWIFT network (Society for Worldwide Interbank Financial Telecommunication). The perpetrators sent fraudulent money transfer orders to the New York branch of the U.S. central bank where the Dhaka bank has an account.
What Does This Mean For Your Business?
An escalation in state-sponsored attacks on bank systems in recent years is the real reason why, in addition to fending off cyber-criminals from multiple individual sources, banks have noted an evolution of the threat which has forced them to focus on sector and system-wide risks.
As customers of banks, businesses are likely to be pleased that banks, which traditionally have older systems, are making a real effort to ensure that they are protected from cyber-attacks, particularly the more sophisticated and dangerous state-sponsored cyber-attacks.