Cyber Attacks on Banks Skyrocket by 91% in Just Four Years

Banks have become increasingly vulnerable to cyber attacks as hackers become more sophisticated. Recent data from Stocklytics.com reveals a staggering 91% rise in cyber attacks on banks over the past four years.

The surge in attacks highlights the gaps in cybersecurity protocols and raises questions on whether people can trust financial firms for asset security.

The site’s financial analyst, Edith Reads, comments:

Cyber attacks are a key operational risk that could threaten financial institutions’ operational resilience and adversely affect overall macro-financial stability. The increasing reliance on digital platforms for financial transactions has expanded the attack surface for cybercriminals.

Stocklytics financial analyst, Edith Reads

Ransomware Attacks 2021-2024

In 2021, only 34% of financial institutions reported a global ransomware attack on their system. Since then, the number of affected banks has augmented perilously, with about 65% of financial institutions citing attacks in 2024.

2021- 2022 represents the highest disproportionate surge in ransomware attacks, with banks recording a 62% rise in overall attacks. In 2023, the situation further deteriorated, with nearly 64% of financial institutions falling victim to such attacks, representing a 16% rise from the previous year. 

According to the IMF, attacks on financial firms account for a fifth of all global cyber incidents, underscoring the financial sector’s unique targeting and widespread exposure to fraud and ransomware attacks. The large volumes of sensitive data and transactions these institutions handle make them inherently predisposed and readily targeted. 

A notable recent incident occurred in March 2024, when American Express customers were alerted to a potential breach involving unauthorized access to a third-party merchant processor. This compromise exposed names, account numbers, and card details, prompting affected customers to monitor their accounts for unauthorized transactions.

In a related trend, HSBC faced disruptive DDoS attacks in 2020 that temporarily paralyzed their online banking services. Such incidents underscore the evolving tactics of cybercriminals who target banks for ransom payments.

Why are Cyber Attacks on Financial Firms Rising?

According to an IMF survey, there is a significant shortfall in proper cybersecurity policy frameworks, particularly in emerging and developing economies. Alarmingly, only around half of the surveyed countries had a national, finance-focused cybersecurity strategy or dedicated cybersecurity regulations, underscoring the substantial gaps in cybersecurity preparedness across many regions.

Moreover, financial firms increasingly rely on third-party IT service providers, and this trend may accelerate with the growing adoption of artificial intelligence. While utilizing external IT service providers can enhance operational resilience, it also exposes the financial industry to potential systemic risks. For instance, a ransomware attack in 2023 on a cloud-based IT service provider led to simultaneous disruptions at 60 US credit unions, highlighting the financial sector’s vulnerability to such widespread shocks when relying on shared IT infrastructure. 

Besides, there are growing apprehensions that the rise of emerging technologies, including AI, will amplify the long-standing challenges associated with cyber resilience. A World Economic Forum report reveals that approximately 55.9% of respondents perceive generative AI as a more significant advantage to attackers. Meanwhile, 8.9% view it as conferring a more significant benefit to defenders. Until the role of AI in cybersecurity is resolved, hackers are poised to retain the advantage.