Advertisement

German finance watchdog sees 'very big' risk of cyberattacks

AFP
AFP - [email protected]
German finance watchdog sees 'very big' risk of cyberattacks
A man is trained to deal with a simulated cyberattack. Photo: picture alliance/dpa | Roland Weihrauch

Germany's financial regulator BaFin warned Tuesday of the "very big" risk of cyberattacks targeting the financial sector, a threat it said had become "more likely" since Russia's war on Ukraine.

Advertisement

 "The risk that companies in the financial sector will fall victim to cyberattacks or that internal IT security incidents will occur is very big and very present," BaFin president Mark Branson told a press conference.

In extreme cases, "such incidents could damage the stability of the financial system", he said.

"Are we prepared for a really serious security incident? If we are honest, we don't know," Branson added.

Ukraine and its Western allies have been on heightened alert for potential Russian hacking attempts since Moscow invaded its neighbour on February 24th.

The "Five Eyes" intelligence sharing network -- consisting of the United States, Britain, Canada, Australia and New Zealand -- warned in April that "evolving intelligence" indicated Russia was planning massive cyberattacks against rivals supporting Ukraine.

Advertisement

The war in Ukraine "has made cyberattacks on the German financial sector more likely," Branson told reporters in Frankfurt.

The Bafin watchdog is monitoring the situation closely, he said, in cooperation with Germany's National Cyber Defence Centre. Bafin was also keeping financial firms updated on potential attack patterns, he said.

Last month's "Five Eyes" alert said Russian state-sponsored cyber actors have the ability to compromise IT networks, to steal large amounts of data from them while remaining hidden, to deploy destructive malware and to lock down networks with "distributed denial of service" attacks.

READ ALSO: EXPLAINED: How Germany is preparing to ward off future cyberattacks

The alert identified more than a dozen hacking groups, both parts of Russian intelligence and military bodies and privately operated, which present threats.

Germany has in recent years repeatedly accused Russia of state-sanctioned hacking efforts.

The most high-profile incident blamed on Russian hackers to date was a cyberattack in 2015 that paralysed the computer network of the lower house of parliament,  the Bundestag, forcing the entire institution offline for days while it was fixed.

Russia denies being behind such activities.

More

Join the conversation in our comments section below. Share your own views and experience and if you have a question or suggestion for our journalists then email us at [email protected].
Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.

Please log in to leave a comment.

Anonymous 2022/05/04 14:39
Until last year I worked at a major IT solutions provider focused on this topic, and was responsible for offering Disaster and Cyber Incident Protection and Recovery solutions to companies in Germany. I ended up taking on a different role out of frustration, because most German firms (across all industries, not just banking/finance) are uninterested in this topic. The German firms believe: - It won’t happen to them (even though it has, and does) - Their contracts with offshore IT operations management outsourcing companies will somehow protect them (they don’t) - They can buy an insurance policy for less money than actual protection/recovery capabilities, which will protect them financially (insurance companies are refusing to pay out on preventable Cyberattack claims) The result is that most German firms are extremely vulnerable to Cyberattack, and some of the largest and well-known firms in Germany might not survive a strong attack.

See Also