U.S. Banks Plan for Cyber Attacks After Recent Russia Sanctions

Cyber experts and C.E.O.s have stated that banks in the United States are ready for retaliatory cyber assaults following the imposition of a slew of tough sanctions on Russia for its invasion of Ukraine.

When the United States and its allies barred several Russian banks from using the SWIFT international payment method and imposed restrictions on the Russian central bank’s international reserves, tensions between Russia and the West reached a boiling point Saturday.

For weeks, Western countries have warned that the escalation of tensions might result in huge cyberattacks by Russia or its allies in response. Some executives speculated that the latest measures were the catalyst for the change.

Steven Schweitzer, senior fixed earnings portfolio manager at the Swarthmore Group in New York, predicts that “they will take retaliatory measures, and I believe that they will do it in the least expensive way that they can do it,” which he believes would be “some kind of cyberattack.”

According to cyber security experts, global banks, which are already among the most vulnerable targets for cyberattacks even in times of peace, are increasing network monitoring, preparing for cyberattack scenarios, scanning their networks for threats, and preparing additional staff in case hostile activity increases.

They are prepared for a variety of hazards, including:

  • Malware and ransomware attacks are on the rise.
  • Websites are brought down as a result of denial-of-service attacks.
  • Data erasure and theft are two things that could happen simultaneously.

“Banks are extraordinarily well-prepared. They’ve pulled out their playbooks, and now it’s just a matter of practicing, practicing. More practicing, “Valerie Abend, who is in charge of Accenture’s global financial services security group, shared her thoughts.

A number of the nation’s largest financial institutions, including JPMorgan Chase & Co (JPM.N), Citigroup Inc (NASDAQ: C.I.T.), Bank of America Corp (BAC.N), Wells Fargo & Co, Morgan Stanley, and Goldman Sachs Group Inc, either did not respond to requests for comment or declined to discuss their cybersecurity strategies.

Global banks are subject to stringent operational risk regulations since they protect important national financial infrastructure. According to cyber security experts, the company has some of the most stringent cyber security measures in corporate America.

According to the organization, according to the Securities Industry and Financial Markets Association, which oversaw the exercise, the industry is constant preparations for attacks and recently completed a huge, system-wide ransomware scenario in November.

A more concentrated industry effort has been made in the months leading up to the invasion to guarantee that banks’ incident responders are on high alert and that they have intensified surveillance, according to Abend.

The Department of Financial Services in New York and the United States Cybersecurity and Infrastructure Security Agency has issued warnings to private enterprises to look for cyber-related dangers.

“If we weren’t ready for it, we wouldn’t be doing our due diligence,” said Teresa Walsh, head of intelligence at the Financial Analysis Center, an international collection of institutions that shares cyber intelligence.

“For the time being, they are only issuing generic warnings, such as “be prepared.” We’re attempting to give it a little more specificity at the moment, “Walsh went on to say more.

Walsh stated that banks have already brainstormed risk scenarios based on Russian hackers’ actions to prepare for the future. The 2020 SolarWinds Corp (SWI.N)software breach, which provided hackers with access to hundreds of firms that used the company’s products, is currently on everyone’s radar.

As a result, lenders increasingly focus their attention on third-party providers such as large cloud computing and software-as-a-service companies. Although banks themselves have large information technology budgets and stringent compliance systems, their data may be exposed if such service providers are hacked.

The authors of Walsh and Abend’s report state that banks require such partners to implement appropriate security protocols.

Walsh stated that they are also engaged in “threat hunting,” which involves searching for known hostile activities within bank information technology infrastructure, investigating prospective vulnerabilities, and testing any patches that have been applied recently.

“It’s all about being prepared rather than waiting until a disaster occurs,” Walsh continued.

SWIFT stop deals a crippling blow to Russia

According to experts, the decision by Western allies on Saturday to ban “chosen” Russian banks from the SWIFT payments system will have a crushing effect on the Russian economy and bring significant pain to their industries and financial institutions.

And there is still an opportunity for improvement on the part of the allies. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) ensures quick cross-border payments. It has become the primary method of financing international trade.

If Russian banks are refused access to SWIFT, they will find it more difficult to interact with their foreign counterparts, even in friendly nations such as China, slowing trade and increasing the cost of transactions.

They have not yet specified which banks will be targeted by the allies, who have also promised Russia’s central bank limits to weaken its capacity to maintain the rouble’s value. According to sanctions and banking experts, this would be essential to the measure’s effectiveness.

In the words of Edward Fishman, a senior fellow at the Eurasia Center of the Atlantic Council think tank and an expert on economic sanctions, “the devil will be in the details.” “Let’s see which financial institutions they choose.”

According to him, if the list included the largest Russian banks, such as Sberbank V.T.B. and Gazprombank, it would be “an enormous deal.”

Sberbank and V.T.B. have already stated that they are prepared for any changes in the financial markets.

According to one analyst, the move to expel some Russian banks from SWIFT, though not all, may encourage “nesting,” in which Russian entities turn to non-sanctioned banks and huge multinational corporations instead to gain access to the global financial system.

Such a bypass for the Russians would cause compliance issues for global financial institutions. ‘It’s like a knife stabbed into the heart of the Russian banking system,’ said Kim Manchester, whose company delivers financial intelligence training programs to organizations.

Manchester said that the Biden government had been discriminating in its penalties, leaving room to tighten them even further by barring other institutions and finally instituting a blanket ban on the practice. “It’s like a slow-motion barrage.”

Devastating Blow

The consequences are expected to be catastrophic for the Russian economy and financial markets.

In the words of Sergey Aleksashenko, a previous vice chairman of the Russian central bank who now lives in America, “the sanctions are likely to have a significant impact on the rouble when markets open on Monday,” resulting in the disappearance of many imports into Russia.”

In addition, Aleksashenko stated that “a big sector of the economy has come to an end.” “Half of the consumer market is on its way out the door. If the payments for these things are not made, they will be lost forever.”

However, according to a former top Russian banker authorized to speak publicly requested anonymity, the impact may be mitigated if the listed banks were confined to those previously blocked and Russia’s central bank was allowed time to transfer assets to other jurisdictions.

“It makes no difference if the banks are already sanctioned; in that case, it makes no difference. On the other hand, if it is the top 30 Russian banks, it is a very different situation, “he explained.

“It all sounds extremely dramatic, and everyone is ecstatic, but in truth, it’s a political statement,” says the author.

U.S. sanctions against a small number of Russian financial institutions, including Sberbank and V.T.B., were previously announced and targeted the vast majority of the approximately $46 billion in daily foreign exchange transactions conducted by Russian financial institutions in direct violation of the law. The sanctions targeted nearly 80 percent of all banking assets in Russia.

As an alternative to the International Financial Transactions System (SWIFT), Russia has established its network, the System for Transfer of Financial Messages (S.T.F.M.) (S.P.F.S.).

It delivered over 2 million messages to the central bank in 2020, accounting for approximately a fifth of all Russian domestic traffic, intending to increase this share to 30 percent by 2023.

However, S.P.F.S., which limits the size of messages and only works on weekdays, has had difficulty recruiting new overseas members.

Economic Nuclear Weapon

The decision to stop Russian banks from using SWIFT was fraught with difficulty.

Other countries, including Germany, expressed concern about the potential damage to their economy and businesses. Ukraine called on Western nations to remove Russia from the payments system over the previous few days. Ukraine was joined in this effort by the United Kingdom.

Bruno Le Maire, France’s Finance Minister, described the SWIFT ban as a “financial nuclear weapon” in a statement released on Friday. If you have a nuclear bomb in your hands, you think twice before deploying it, he said in an interview with reporters.

However, the momentum turned when Russian forces launched an offensive against Kyiv, and hopes for a diplomatic solution were dashed completely.

At a press conference earlier on Saturday, Germany, which has the highest volume of commerce with Russia in the European Union, softened its stance and said it was searching for a method to remove Russia from SWIFT while minimizing collateral damage.

Manchester, the financial intelligence trainer, believes that the partial ban will encourage Russian banks to be more innovative in their attempts to gain access to the financial system.

Multinational corporations with significant treasury operations and banks with SWIFT access could emerge as the new financial transaction centers for financial transactions originating in Russia.

Nesting, he explained, was a major source of concern for global financial institutions, which would have to verify that any transactions they supported would not break Western sanctions regulations.

Manchester stated that he spoke with a contact in the financial crimes division of a major global bank on Friday.

He went on to say that such financial institutions may face severe regulatory fines if they fail to comply with regulations. “They’re up till the wee hours of the morning trying to make sense of everything that’s going on,” Manchester explained.