Espionage, theft, manipulation... Hackers are attacking central banks, forcing them to increase their cybersecurity. Central banks are focusing in particular on training their staff to deal with these cyberattacks.
The accounts of several political figures hacked
Cybersecurity is a key concern for central bankers. Last July, Christine Lagarde, current President of the European Central Bank (ECB), was the target of a computer attack. Posing as Angela Merkel, the hackers sent her an SMS using the former German Chancellor's telephone number. The message suggested an interview on WhatsApp and asked the former IMF President to provide her authentication codes, citing IT problems. As a precaution, Christine Lagarde did not respond. An investigation has been launched to determine how Angela Merkel's number could have been stolen, although " the attack was quickly detected and stopped, and no data was stolen ", reports an ECB spokesperson.
Political figures are not the only ones targeted by these large-scale computer attacks. Central banks and state institutions are also affected. Nicolai Tangen, head of Norway's sovereign wealth fund, told the Financial Times of his concerns. The fund, which has nearly 1,200 billion in assets under management, has seen the number of cyber attacks against it double in just 3 years. In total, more than 100,000 cyber attacks are recorded every year, 1,000 of which are considered serious.
Generally speaking, cyber attacks targeting financial players have risen sharply in recent months. Malware attacks rose by 11% in the first half of 2022, while ransomware attacks against financial institutions soared by 243% over the same period.
Increase the cybersecurity budget
Faced with the risks to which they are exposed on a daily basis, central banks in emerging countries have been increasing their dedicated cybersecurity budgets since 2020. Like central banks in developed countries, they are focusing on training their staff, encouraging them to adopt the right reflexes to prevent criminals from gaining access to sensitive information.
Despite these good resolutions, few institutions are leading by example. According to the central banks, those under their jurisdiction have increased their cybersecurity budget by less than 10%, and one in five has not increased it at all.
Among the most targeted players, fintechs have the most to lose, because when they fall victim to a cyber attack, they may be forced to make a public announcement. This announcement can affect their reputation and lead to a fall in their share price if they are listed.
Cyber-risk awareness is needed to effectively manage the operational and financial risks that cyber-attacks pose to banks and financial startups.