Cyberattacks in the financial sector have risen sharply since the onset of the Covid-19 pandemic, according to Global Financial Stability Report, a new report published in mid-April by the International Monetary Fund (IMF).
Before the pandemic, only once, in 2017, did the total number of cyber incidents exceed 10,000, but in each of the past four years, the annual total has been greater. Indeed, the number of ‘malicious’ incidents has more than doubled in the past five years, from around 5,000 in 2019 to more than 10,000 last year. Since 2004, the financial industry has suffered losses to the tune of $12bn.
The severity of potential losses is also on the rise. In 2017, the median estimated maximum firm loss was approximately $100m. That more than doubled in 2021, and the 90th percentile increased a massive five-fold, from half a billion dollars to $2.5 billion.
“Financial firms increasingly rely on third-party IT service providers and may do so even more with the emerging role of artificial intelligence. Such external providers can improve operational resilience, but also expose the financial industry to systemwide shocks,” says the IMF’s blog post. “While cyber incidents will occur, the financial sector needs the capacity to deliver critical business services during these disruptions. To this end, financial firms should develop, and test, response and recovery procedures and national authorities should have effective response protocols and crisis management frameworks in place.”
