home Software Applications The threat: ‘Armageddon’ cyber attack on banks

The threat: ‘Armageddon’ cyber attack on banks

Mar 8, 2015

This post is also available in: עברית (Hebrew)

This threat is an imminent – and the U.S is not ready.

A New York financial regulator recently said he is considering new rules to protect against “an Armageddon-type” cyber attack that would devastate U.S. financial markets.

Ben Lawsky, head of New York’s Department of Financial Services (DFS), said he fears a large enough hack on Wall Street firms could “spill over into the broader economy”. The effect could resemble the mortgage meltdown of 2008.

“We are concerned that within the next decade, or perhaps even sooner, we will experience an Armageddon-type cyber event that causes a significant disruption in the financial system for a period of time.” Lawsky was quoted by USA Today while speaking at Columbia Law School. He called such an attack a “cyber 9/11.”

According to USA Today, Lawsky said he is considering new rules to force banks and insurance companies regulated by DFS to better protect themselves against hackers.

DFS has regulatory oversight over dozens of N.Y. licensed banks and insurance companies, including Goldman Sachs, MetLife and Barclays. As head of DFS, Lawsky has power to punish banks for bad behavior and to impose new standards on their operations.

To help prevent against a devastating hack, Lawsky said he wants to add cyber security to the grades DFS gives the banks and insurance companies it regulates. Financial firms “care deeply” about their grades because they can impact their ability to pay dividends or acquire other companies, Lawsky said.

DFS could also mandate multifactor authentication systems for employees of DFS-regulated financial firms. Single-step passwords “should have been dead and buried many years ago,” Lawsky said.

Lawsky may also require banks and insurance companies licensed by DFS to get guarantees from third-party vendors that their security meets certain standards. Such vendors can often acts as a “backdoor entrance for hackers,” he said.

Lawsky’s warning of a cyber attack on Wall Street follows a report last week warning of a band of international cyber crooks who have taken to infiltrating banks’ internal systems instead of going after their customers. According to this cyber security report, there widespread evidence that hackers have stolen up to $1 billion from 100 banks across 30 countries this way. Nevertheless, the report could not name companies and institutions, not specify the time frame. It is estimated, though, that the report covers the past 24 months.