With geopolitical tensions on the rise, financial institutions are being hit by state-sponsored cyber attacks − BAE Systems
Financial institutions are increasingly under threat from cyber attacks by state-sponsored hackers, according to BAE Systems director of cyber services James Hatch.
As part of the critical infrastructure at national and global levels, financial institutions are being targeted by hackers with ethical motivations – known as hacktivists − and by state-sponsored hackers.
The difference between hacktivists and state-sponsored hackers, is that hacktivists are more antagonistic and public with their endeavours, in the hope that their actions will inflict some reputational damage on an organisation and spread a message. Meanwhile state-sponsored hackers operate covertly, with arguably more menacing intentions, such as espionage and data theft.
Speaking at the Financial Institutions Risk Forum hosted by StrategicRISK and Zurich Global Corporate in October, Hatch said: “An attack may have nothing to do with the organisation, but it may get caught in the middle of political cyber warfare.”
Geopolitical tensions between the West, Russia and China, among others, are arguably increasing the risk levels for financial institutions.
For example, earlier this year, the US and China became embroiled in a dispute regarding cyber espionage, with each side accusing the other of cyber spying.
Moreover, recent attacks on several major US banks, including JPMorgan Chase, aroused media suspicion that the culprits may have been based in Eastern Europe. Although no official statements were made to support such assertions, the FBI is now investigating these incidents.
Rising geopolitical tensions are putting financial institutions in an increasingly precarious position and enhances their status as potential targets for politically motivated and state-sponsored hackers. As a result, some of the major financial institutions are beginning to establish sophisticated defence programmes.
Hatch said: “Many of our customers are becoming more interested in the political risk that is related to the cyber space.
“Larger organisations are now setting up intelligence capabilities that are closer to what traditionally has been done by national security than commercial business, although different techniques and legal frameworks apply for them.”