Online attacks by ever-skillful hackers are a growing threat to the stability of the US financial system, according to a report by a top-level government panel released Tuesday.
The 2015 report by the Financial Stability Oversight Council said that although US banks and financial businesses have been leaders in erecting barriers to hackers, cyber attacks still present a potential systemic danger.
“Over the past year, financial sector organizations and other US businesses experienced a host of notable cyber incidents, including large-scale data breaches that compromised financial information,” the report said.
“While security technologies and user awareness are improving, malicious cyber activity is likely to continue in the future. Even more concerning is the prospect of a more destructive incident that could impair financial sector operations.”
The report noted vulnerabilities in the banking industry through interconnected systems that cover payments and clearing, for example.
It also pointed to the various services which run crucial infrastructure for the wider industry. “The concentration of key services may create the risk of a cyber incident impacting many organizations simultaneously, with significant impacts.”
In addition, it warned that attackers could infect equipment from industry suppliers with malicious software that can be hard to detect.
Last year hackers took aim at JPMorgan Chase and a number of other banks, stealing customer and other data in an operation which sparked concerns at the highest levels of government.
In February, Russian computer security firm Kaspersky Lab said a hacker group had conducted a two-year wave of cyberattacks on around 100 banks worldwide, including some in the United States, costing them up to $1 billion.
The FSOC, which represents key US financial regulators and is led by Treasury Secretary Jacob Lew and Federal Reserve Chair Janet Yellen, noted that one recent attack on an entertainment company was not simply to steal information — it rendered its computers inoperable.
That “suggests a higher level of sophistication” among cyber attackers, it warned.
“Financial firms should assume they will be subject to destructive attacks and develop capabilities and procedures to resume operations,” it said.
In a meeting on the report, Yellen said that, in terms of vulnerabilities to catastrophic economic events like the 2008 crisis, US banks “have made great strides” in achieving higher capital standards “so they can continue to operate even on unfavorable conditions such as prolonged severe recession.”
But she added that regulators are prepared to further strengthen standards “to promote financial stability.”