Skip to main content

America’s largest bank is now spending billions of Dollars per year to defend itself against unrelenting waves of cyberattacks. Fed researchers have found that the interlinked nature of the banking system makes multiple institutions vulnerable to digital risks if just one firm’s systems are compromised. A preview of this played out just two months ago when ICBC Financial Services was slammed by a ransomware attack that effectively froze all of the broker’s operations and racked up a $9 billion bill with BNY Mellon. 

Though ICBC Financial had a sprawling parent bank that helped to backstop the firm with capital injections, containment may be more difficult in future scenarios. The SEC is currently rolling out new cybersecurity-focused rules on reporting and governance for publicly traded companies, but the recent breach of an official SEC social media account has shown the commission itself has neglected to implement basic protections against hackers at some levels.

Related ETF: First Trust NASDAQ Cybersecurity ETF (CIBR)

Financial markets and institutions face some of the most constant cyber risks. JPMorgan has disclosed that the bank now invests $15 billion per year and employs 62,000 technologists to counter about 45 billion potential attacks monitored on a daily basis. Mary Callahan Erdoes, head of JPMorgan Chase’s asset and wealth management division, said that the bank now has “more engineers than Google or Amazon”. On the same day, the Federal Reserve’s Vice Chair for Supervision, Michael Barr, addressed the second annual Conference on Measuring Cyber Risk in the Financial Services Sector and highlighted the impact of digital vulnerabilities in the banking system. Barr stated that researchers at the New York Fed recently found that “the impairment of a single large bank, a group of smaller banks, or a common service provider could be transmitted through the payments system and result in significant spillovers to other banks.” In essence, the weakest link puts the integrity of the entire chain at risk. Researchers also estimated that the potential impact of a cyberattack is systematically greater during stressed financial conditions, which is a very relevant point, considering three of the four largest bank failures in US history occurred last year and the underlying causes of those events remain a present threat in the banking system today.

It was just over two months ago that hacker group Lockbit hit the US brokerage unit of the Industrial and Commercial Bank of China (ICBC) with a crippling ransomware attack that froze automated trading and disrupted the exchange of US Treasuries. Reuters reports ICBC Financial Services was the sole settlement agent for BNY Mellon’s Treasury securities trading and, in the wake of the hack, ended up…

To read the complete Intelligence Briefing, current All-Access clients, SIGN IN

All-Access clients receive the full-spectrum of MRP’s research, including daily investment insights and unlimited use of our online research archive. For a free trial of MRP’s All-Access membership, or to save 50% on your first year by signing up now, CLICK HERE