European, U.S. regulators tell banks to prepare for Russian cyberattack threat
FRANKFURT/LONDON, Feb 9 (Reuters) - The European Central Bank is preparing banks for a possible Russian-sponsored cyber attack as tensions with Ukraine mount, two people with knowledge of the matter said, as the region braces for the financial fallout of any conflict.
The stand-off between Russia and Ukraine has rattled Europe's political and business leaders, who fear an invasion that would inflict damage on the entire region.
Earlier this week, French President Emmanuel Macron shuttled from Moscow to Kyiv in a bid to act as a mediator after Russia massed troops near Ukraine.
Now the European Central Bank, led by former French minister Christine Lagarde and which has oversight of Europe's biggest lenders, is on alert for the threat of cyber attacks on banks launched from Russia, the people said.
While the regulator had been focused on ordinary scams that boomed during the pandemic, the Ukraine crisis has diverted its attention to cyber attacks launched from Russia, said one of the people, adding that the ECB has questioned banks about their defences.
Banks were conducting cyber war games to test their ability to fend off an attack, the person said.
The ECB, which has singled out addressing cybersecurity vulnerability as one of its priorities, declined to comment.
Its concerns are mirrored around the world.
The New York Department of Financial Services issued an alert to financial institutions in late January, warning of retaliatory cyber attacks should Russia invade Ukraine and trigger U.S. sanctions, according to Thomson Reuters' Regulatory Intelligence.
The United States, the European Union and Britain have repeatedly warned Putin against attacking Ukraine after Russia deployed around 100,000 troops near the border with its former Soviet neighbour.
Earlier this year, multiple Ukrainian websites were hit by a cyber strike that left a warning to "be afraid and expect the worst", as Russia had amassed troops near Ukraine's borders.
Ukraine's state security service SBU said it saw signs the attack was linked to hacker groups associated with Russian intelligence services.
Russian officials say the West is gripped by Russophobia and has no right to lecture Moscow on how to act after it expanded the NATO military alliance eastwards since the 1991 fall of the Soviet Union.
The Kremlin has also repeatedly denied the Russian state has anything to do with hacking around the world and said it is ready to cooperate with the United States and others to crack down on cyber crime.
Nonetheless, regulators in Europe are on high alert.
Britain's National Cyber Security Centre warned large organisations to bolster their cyber security resilience amid the deepening tensions over Ukraine.
Britain's Financial Conduct Authority said it was contacting financial firms to draw their attention to the NCSC's warning.
On Tuesday, Mark Branson, the head of German supervisor BaFin, told an online conference that cyberwarfare was interconnected with geopolitics and security.
The White House has also blamed Russia for the devastating ‘NotPetya’ cyber attack in 2017, when a virus crippled parts of Ukraine’s infrastructure, taking down thousands of computers in dozens of countries.
The vulnerability was underscored again last year, when one of the globe's largest-yet hacking campaigns used a U.S. tech company as a springboard to compromise a raft of U.S. government agencies, an attack the White House blamed on Russia’s foreign intelligence services.
The attack breached software made by SolarWinds Corp, giving hackers access to thousands of companies using its products, rippling through Europe, where Denmark's central bank said that the country's "financial infrastructure" had been hit.
A spokesperson for SolarWinds said fewer than 100 customers were ultimately hacked.
Some, however, believe the Ukraine crisis has been blown out of proportion. Ukrainian President Volodymyr Zelenskiy accused Washington and media of fuelling panic.
Our Standards: The Thomson Reuters Trust Principles.