View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

IMF calls on global financial system to tighten cybersecurity

The IMF echoed wider concerns about a lack of understanding among banks as to the vulnerability of multiple interconnected systems to cyberattacks. 

By Greg Noone

The IMF has issued a warning to the global financial sector about its systemic vulnerability to cyberattacks. In a blog post published yesterday, the international regulator warned that not only is the risk of extreme losses from hacks rising but that the scale of the problem is such that it threatens the solvency of major banks. The IMF added that a major successful cyberattack against a trusted financial institution could disrupt payment systems and undermine wider confidence in global financial markets. 

“For example, a severe incident at a financial institution could undermine trust and, in extreme cases, lead to market selloffs or runs on banks,” wrote IMF experts Fabio Natalucci, Mahvash S. Qureshi and Felix Suntheim. “Although no significant “cyber runs” have occurred thus far, our analysis suggests modest and somewhat persistent deposit outflows have occurred at smaller US banks after a cyberattack.”

An exterior shot of the IMF headquarters in Washington DC.
The IMF is the latest international financial regulator to warn major banks about the systemic vulnerability of global financial markets to cyberattacks. (Photo by / Shutterstock)

IMF clarion call

Another major concern highlighted by the IMF was the increasing dependence of major banks on third-party IT service providers. While this could provide extra operational resilience for such institutions, it conceded, the outsourcing of so many complex functions to this tertiary ecosystem of technology firms has only increased the number of possible entry points for hackers into multiple banking systems. 

As such, said the IMF, “policies and governance frameworks at firms must keep pace” with the threat posed by cybercriminals to the wider financial services industry. It added that, in its judgement, current private sector incentives to address these concerns may prove “insufficient,” and that “public intervention may be necessary” in the form of national cybersecurity strategies. These should include close monitoring of systemic risks deriving from the interconnectedness of financial services with technology providers, said the IMF, as well as proactive measures to improve the cyber maturity and cyber hygiene of major institutions.

Severity of cyberattacks against financial sector growing

The growing vulnerability of the global financial system to cybercriminal organisations has been highlighted in several recent incidents. These include a hack in December, cited by the IMF, on the Central Bank of Lesotho – an attack that temporarily disrupted inter-bank transfers in the African nation. Meanwhile, another attack perpetrated against the Industrial & Commercial Bank of China’s US division in November rendered it temporarily unable to process trades on its computer systems, forcing it to hire bicycle messengers to deliver settlement details to concerned parties on thumb drives. 

Such incidents should impress upon banks how sophisticated the cybersecurity threat against their businesses has become, the University of Gloucestershire’s Professor Buck Rogers told Tech Monitor last year. “We’re against professionals with a[n] HR department, with objectives, with money they’ve got to earn, a family to support,” said Rogers. “And we need to match that.”

Read more: Big banks badly need a cybersecurity overhaul

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.