How banks operating in Russia deal with cyber risk

Banks operating in Russia fear they may have to cope with an increase in cyber-attacks as a result of international sanctions against Moscow. To protect themselves against these risks, banks are trying to isolate their Russian subsidiaries from the rest of the group.

Cyber risk: reinforced surveillance

While the number of cyberattacks against European banks based in Russia has not increased to date, the risk has risen considerably since the invasion of Ukraine. Financial institutions fear that cyber attacks could be used as a means of retaliating against economic sanctions imposed by the European Union and its allies.

" The information we have received from national authorities does not point to a significant increase in cyber attacks over the past two weeks ", declared José Manuel Campa, Chairman of the European Banking Authority (EBA), in an interview with the daily Les Echos on March 16, before adding that surveillance had nevertheless been stepped up.

This apparent calm is explained, according to some professionals, by the fact that banks are of secondary importance to hackers, who are targeting more strategic infrastructures such as the Swift system. Moreover, Russian hackers are already busy trying to counter the Anonymous attacks, which have targeted several government sites and hacked TV channels.

Isolate Russian subsidiaries from parent companies to reduce risks

Whatever the case, banks operating in Russia are looking ahead to protect themselves against possible cyber-attacks. The primary objective is to isolate the Russian subsidiaries of the parent companies as much as possible, both in terms of IT systems and communications.

This is what Societe Generale has done with its Russian subsidiary Rosbank, which has 12,000 employees in the country. Communications between the head office and the Russian subsidiary are reduced to the bare essentials, making it impossible, for example, to send large files in either direction. At the same time, the group has set up a highly secure messaging system, used only by a limited number of people.

Germany's leading bank, Deutsche Bank, cannot afford to implement similar measures. It employs 1,500 IT specialists in Russia, who account for a quarter of its investment banking workforce. They develop software essential to its corporate banking and trading activities, sensitive tasks which are currently partly transferred out of the country.

For BNP Paribas, things are much simpler. Its presence in Russia is limited, making it easier to isolate the local subsidiary without jeopardizing the Group's business. Since the beginning of March, employees based in the country have no longer had access to the internal IT network, although communication with the parent company has not been severed.

According to some experts, banks did not wait for the invasion of Ukraine to prepare for this type of computer attack. Many, like Société Générale Group's Russian subsidiary Rosbank, already have the infrastructure they need to continue operating despite the isolation measures put in place as a precaution.