It seems that a new cyber attack hits the news each day, and now, the Reserve Bank of Australia has found they threaten our financial security.
The Financial Stability Review was released by the Reserve Bank this month. Within it, the institution warns cyber attacks pose a "significant threat" to our financial system.
Let's look closer into what the Reserve Bank of Australia had to say about the threat of cyber attacks.
Cyber attacks are on the rise globally
The Reserve Bank noted in its report the rising risk and occurrences of cyber attacks on Australia's financial institutions.
In fact, Australian banks face millions of cyber attacks each day.
One doesn't have to look far to find examples. For instance, a cyber attack on ASIC and the Reserve Bank of New Zealand hit the news in January, when attackers breached third-party software, Accellion FTA.
Other news-worthy attacks this year include the Russian-backed attack on United States-based Solar Winds Corp (NYSE: SWI), which experts estimate affected 18,000 of the company's customers. Another is the Chinese backed hacker who launched a worldwide attack on Microsoft Corporation (NASDAQ: MSFT) in March.
In 2018, the International Monetary Fund estimated direct losses from cyber attacks could be as high as 9% of total bank incomes globally – around US$100 billion annually.
Though, it wasn't just hacks and attacks that were highlighted as technological dangers to Australia's financial stability.
The Reserve Bank found, as digital platforms and service channels get more nuanced, their risk of failing becomes greater.
An example that may well be a bit too close to home is the ASX's technical issues that interrupted the trading day on 16 November 2020.
What can be done to prevent attacks?
The Council of Financial Regulators (CFR) have already begun working to find weaknesses in Australian financial entities' software.
The CFR coordinates Australia's main regulatory agencies, including the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission, the Australian Treasury and the Reserve Bank.
Currently, it's conducting an 18-month pilot exercise of its Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework.
CORIE is designed to test and demonstrate the cyber resilience of institutions in the Australian financial services industry.
It will be used to assess cyber resilience by testing selected financial sector entities to 'ethical hacking' exercises.
The Reserve Bank hopes CORIE will inform regulators of any systemic or institution specific cyber security risks.
