US banks brace for cyberattacks after latest Russian sanctions


WASHINGTON, Feb 27 (Reuters) – U.S. banks are bracing for retaliatory cyberattacks after Western countries imposed a series of tough sanctions on Russia for invading Ukraine, cyber experts and executives said.

Tensions between Russia and the West escalated on Saturday as the United States and its allies moved to block some Russian banks from the SWIFT international payment system and limit the Russian central bank’s international reserves.

Western governments have warned for weeks that the tensions could trigger massive cyberattacks from Russia or its supporters. Some leaders said the latest measures could be the trigger.

Join now for FREE unlimited access to


“They will retaliate, and I think they can do it in the cheapest way – that means some kind of cyber attack,” said Steven Schweitzer, senior bond portfolio manager at Swarthmore Group in New York. .

Cybersecurity experts say global banks, already prime targets for cyberattacks in peacetime, are increasing network monitoring, scanning their networks for cyberattacks, scanning their networks for threats and lining up additional staff in the event of an upsurge in cyberattacks. hostile activities.

Among the threats they are preparing for are: ransomware and malware attacks; denial of service attacks that take down websites; and data erasure and theft, possibly simultaneously.

“Banks are incredibly prepared. They’ve pulled out their playbooks and it’s practice, practice, practice,” said Valerie Abend, who leads Accenture’s global financial services security group.

The largest US banks, JPMorgan Chase & Co (JPM.N), Citigroup Inc (CN), Bank of America Corp (BAC.N), Wells Fargo & Co, Morgan Stanley (MS.N) and Goldman Sachs Group Inc ( GS .N), either did not respond to requests for comment or declined to discuss their cybersecurity plans.

As guardians of critical national financial infrastructure, global banks are subject to strict operational risk rules and apply some of the highest cybersecurity standards of American companies, according to cybersecurity experts.

According to the Securities Industry and Financial Markets Association, which led the exercise, the industry regularly plans attacks and conducted a massive system-wide ransomware exercise in November.

Prior to the invasion, there was a more concerted industry effort to ensure banks’ incident responders are on high alert and have heightened surveillance, Abend said. .

The New York Department of Financial Services and the US Cybersecurity and Infrastructure Security Agency have warned private companies to be vigilant against cyber threats.

“We wouldn’t be doing due diligence if we weren’t preparing for this,” said Teresa Walsh, global head of intelligence at the Financial Services Information Sharing and Analysis Center, an international group of institutions that share cyber intelligence.

“Right now they’ve cautioned against generalities – just be prepared. We’re trying to make that clear,” Walsh added.

Walsh said the banks had thought through risk scenarios based on tactics Russian hackers had used in the past. The breach of 2020 SolarWinds Corp (SWI.N) software, which gave hackers access to hundreds of companies using its products, is a priority.

This has increased lenders’ focus on third-party vendors such as large cloud computing and software-as-a-service companies. While the banks themselves have large IT budgets and strict compliance programs, if these providers are hacked, their data could be exposed.

Banks are urging these partners to ensure they have the right security protocols in place, according to Walsh and Abend.

They’re also “threat hunting,” looking for known malicious behavior in banks’ computer systems, examining potential vulnerabilities and testing anything they’ve had to patch recently, Walsh said.

“It’s about being prepared and not waiting for when the crisis happens,” Walsh added.

Join now for FREE unlimited access to


Reporting by Elizabeth Dilts Marshall; Written by Michelle Price; Additional reporting by Pete Schroeder, Davide Barbuscia and Matt Scuffham; Editing by Will Dunham

Our standards: The Thomson Reuters Trust Principles.


About Author

Comments are closed.