FCA Warning to Banks of Possible Russian Cyber Attacks

Conflict in Ukraine prompts fears of a ramping-up of Russia’s state sponsored cybercrime machine.

As Russia launched its invasion of Eastern Ukraine, banks in the UK and across Western nations have been urged to prepare for possible Russian cyber-attacks.

As tensions mounted in the days and weeks before the attack, the FCA wrote a letter to the CEOs of large lenders warning them that the financial sector is a likely target if relations between East and West deteriorate further.

A spokesperson for the FCA said,

“As you’d expect, we’re contacting firms to highlight the National Cyber Security Centre’s statement that organisations should bolster their cyber security resilience.”

The European Central Bank has also issued a reminder to European lenders to maintain their defences.

Cybercrime as a tool

Cybercrime has long been seen as a tool of the Russian state. In the lead up to the attacks, Ukrainian banks were hit by cyber attacks which briefly showed accounts as having zero balances. Ukraine blamed that attack on Russia, which it says is the largest of its type ever seen.

The likelihood of attacks was further increased as Western governments announced initial sanctions against Russia.

Speaking in the House of Commons, Boris Johnson targeted a number of Russian banks as well as three Oligarchs in what he describes as the first set of sanctions. While Germany had already announced it would be withdrawing its support for the Nord Stream 2 gas pipeline.

The risk of cyber crime from Russia comes in both active state sponsored actions and more passive behaviour such as turning a blind eye to groups operating in the country. For example, the attack on the Colonial pipeline in the US came from Russia-linked cybercrime organisation, Darkside. The attack prompted President Biden to issue a stark warning that cyber attacks could lead to a “real shooting war”.

Russia’s links to other high profile attacks

The Russian state has also been linked to a number of other high profile attacks against infrastructure in major Western countries, including the 2021 attack against the German parliament, in which politicians were targeted ahead of the elections. The German government attributed the action to Russia’s GRU military intelligence service. The US was the target in the 2020 Solar Winds attack which spied on organisations, individuals and the Departments of Homeland Security and the Treasury.

Russia routinely denies these allegations but cybercrime is an integral part of its hybrid war strategy as it seeks to destabilise rivals and increase its international influence. Russia also serves as a safe haven for many of the world’s top cybercrime organisations, such as Darkside, who operate on the understanding that they will not attack Russia’s national interests.

The threat of Russian cyber attacks, therefore, is not particularly new. However, with tensions ramping up between East and West and the likelihood of further sanctions, banks will need to be particularly vigilant. This is a chance to review processes to ensure all detection and prevention measures are as good as they possibly could be, and assess all areas of likely vulnerabilities. 

To speak to us or subscribe to our newsletter please contact us here.

Or message us via the chat icon in the bottom right corner of your screen.