To protect the health of their workers during the COVID-19 pandemic, financial institutions have largely shifted their employees to working from home (WFH), increasing various cyber risks. During a two-month period early in the pandemic, “the use of remote access technologies such as the remote desktop protocol (RDP) and virtual private network (VPN)” increased by 41 percent and 33 percent, respectively. The authors posit a “strong link between the prevalence of WFH arrangements… and the incidence of cyber attacks between the end of February and June 2020.”
While 40 percent of cyber-risk incidents are carried out by malicious actors, the majority are unintentional errors, such as accidental data disclosures. Those purposely carrying out cyber attacks include governments, criminal organizations seeking financial gain, and individuals and groups motivated by social or political aims. Such attacks on financial institutions can lead to both reputational and financial losses, including due to the release of sensitive data.
While the perpetrators, intents and methods of cyber attacks have remained largely the same as before the pandemic, one report indicates that 25 percent of cyber incidents from August 2019 to August 2020 involved exploitation of the COVID-19 pandemic. Between February 2020 and April 2020, the number of cyber attacks related to COVID-19 rose from 5,000 to 200,000.
Since the start of the pandemic, the financial sector has been hit by 25 percent of total cyber attacks, the most of any sector, with payment firms, credit unions and insurers having been the most affected by the rise in phishing, suspicious scanning and other forms of malicious activity. Approximately 20 percent of financial firms reported disruptions to their networks.
The authors recommend: (1) Businesses prepare for more WFH long into the future; (2) Policymakers account for the “new normal” of WFH in legislation; (3) Policymakers respond to the shift of financial institutions toward the use of public cloud technology environments, as 82 percent of companies report increasing their cloud usage during the pandemic; and 4) Policymakers and businesses continue “strengthening their operational resilience” by cooperating globally and regionally on efforts such as simulating cyber attacks to identify vulnerabilities.
This is a summary of a paper by Iñaki Aldasoro, Jon Frost, Leonardo Gambacorta and David Whyte; published by the Bank for International Settlements (BIS); January 2021; 9 pages; available at https://www.bis.org/publ/bisbull37.pdf.
By Bradley Shulman, Research Associate
Additional Resources
BIS homepage
https://www.bis.org
Did you know that MicroCapital publishes the MicroCapital Monitor newspaper each month? Find out more at https://www.microcapital.org/products-page.
Similar Posts:
- SPECIAL REPORT: Leveraging Financial Inclusion to Get Food Security Back on the Increase #EMW2023
- MICROFINANCE PAPER WRAP-UP: “Gendered Investment Differences Among Smallholder Farmers: Evidence from a Microcredit Programme in Western Kenya,” by Keiji Jindo et al
- MICROFINANCE PAPER WRAP-UP: “Mobile Money, Interoperability and Financial Inclusion;” by Markus K Brunnermeier et al; published by National Bureau of Economic Research (NBER)
- MICROFINANCE PAPER WRAP-UP: “2023 Microfinance Index Report,” Published by 60 Decibels
- MICROFINANCE PAPER WRAP-UP: “Microfinance in India: Issues, Challenges and Opportunities;” by Mohammad Abu Saleh, Zubair Ahmad
