Cyberattacks, not economy, could cripple banks in the future

Cyberattacks, not economy, could cripple banks in the future

Summary: A new report from KPMG suggests that cyberattacks might cause the next banking crisis -- rather than a poor global economy.

banking uk cyberattack

The next major industry shock the banking sector will face could be cybercrime rather than economic issues, according to consultancy firm KPMG.

The Bank Performance Benchmarking Report says that the banking industry has addressed a number of problems caused by the 2008 recession, with the U.K.'s top five banks "starting to get back on track."

Although investment health is still only half of what it was in 2005, lending and deposits grew in the first half of 2013. Cyberattacks and the threat of digital warfare mean that financial institutions may be left unprotected and vulnerable -- which in turn places consumers at risk and could potentially damage these signs of growth.

Cybercrime -- something U.S. officials consider a national security problem more serious than terrorism -- could result in a "new breed of cyberattack," KPMG says. Banks have seen a 12 percent rise in online account fraud in the past year, and both U.K. and U.S. banks suffered outages due to hacktivists in 2012.

Senior banking official Andrew Haldane told the U.K. parliament's Treasury Select Committee last year that four out of five of Britain's top banks believe that cyberattacks are their biggest threat.

"Six major U.S. banking institutions suffered website outages in 2012," the report says. "Their U.K. counterparts have escaped similar mass disruption assaults so far -- but they remain under pressure to ensure their critical systems are robust enough to cope with a failure."

HSBC was hit with a denial-of-service attack last year that left customers without access to their accounts for ten hours. The websites for the Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank have all been hit by denial of service (DoS) attacks in the past year.

See also: What do cyberattacks mean for the banking industry?

The Izz ad-Din al-Qassam Cyber Fighters -- a reference to a Muslim holy figure who fought against European forces in the 1920s and 1930s -- took responsibility for the attacks on U.S. banks. The attacks were made in retaliation over film trailer "The Innocence of Muslims" -- hosted on YouTube but restricted for users in Egypt and Libya. Examples like this relate to KPMG's report, which states a shift of cyberattacks moving from financial crime to political attacks.

Service outages can not only cause consumers headaches, but may be a symptom of data theft and loss. In the financial world, service problems can breed chaos -- costing not only the banks a fortune in lost business, but potentially millions in compensation and network repair. All the while, the bank is dealt with a blow to reputation, and customers not only have to deal with the inconvenience but may also be upset and fail to understand the differences between different forms of attack.

Raj Samani, CTO of McAfee Europe said:

"KPMG is right to highlight the imminent cyber threat that is currently hanging over U.K. banks. This has been building over the past year and if financial institutions haven’t already made security their top priority, they should do so immediately."

Topics: Banking, Security, United Kingdom

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • obfuscation

    The things that led to the collapses of 2007 and 1987 still go on. When you offshore or devalue jobs en masse, people cannot pay back loans they budgeted for. Ramping up interest rates for homes or college loans or anything else... derivatives and toxic properties... no return of Glass-Steagall...
  • Hanlon's Razor Applies

    "Never ascribe to malice that which can be adequately explained by stupidity."

    It'll be far more likely that systems crash and corrupt data due to a software bug, than from a deliberate attack.
    • really?

      supporting facts?
      methinks you don't have any.
      • Bank and finance incompetence

        Last week Everbright Group caused a sixteen-point swing in the Shanghai index due to some rather odd trades. Officials at Everbright blamed it on computer error. Really, you need to pay attention to the details. The Devil's in them, guaranteed.
  • Sweep it under the rug?

    I'm sure that the bankers would like to have someone take the blame when their Ponzi scheme fails again.

    The corruption that existed in 2007 still exists today. Congress has done nothing to stem it nor have any of the perpetrators been jailed (well maybe one).

    Let's not give them a scapegoat to slip out of the next crash.

    On the other hand we might just be saved through a combination of the BASIL III agreements and the BRICKS alliance, along with several unnamed entities. Whistleblowers may also play a significant role in moving from a corrupt system to an equitable one.