Cyber risks 2020

The high and ever-growing dependency on and interconnectivity of information and communication technologies gives rise to pronounced vulnerabilities among Swiss financial institutions. For example, outages of and disruptions to IT systems, particularly those resulting from cyberattacks, can jeopardise the availability, confidentiality and integrity of critical services and functions. Depending on the nature of the cyberattack in question, this can have repercussions not only for individual financial institutions but on the functioning of the Swiss financial centre as a whole. The corona pandemic has increased this vulnerability as many employees of financial institutions are working away from their office, thus opening up new potential weak points for attackers.

During the lockdown in particular, cyberattacks became much more frequent and more intensive. For example, the distribution of malware increased, as did the number of phishing mails. Since August 2020, moreover, many of the supervised financial institutions informed FINMA about so-called DDoS attacks on their infrastructure. These “distributed denial-of-service” attacks attempt to disrupt the availability of an internet service by bombarding it with queries. In all cases, these attacks were accompanied by blackmail letters in which a bitcoin payment would have to be made in order to prevent a subsequent attack. This wave of blackmail attempts was not aimed exclusively at companies in the financial sector and was a global phenomenon.

Cybercrime overall is on the rise. This can potentially go as far as cyber sabotage of critical infrastructure, or the disclosure of stolen information. Moreover, the attackers are becoming increasingly professional and well organised. This makes it all the more important –but also more challenging – to prevent and combat the attacks effectively.

Dossier Cyberrisiken

A successful cyberattack can have serious consequences for the functioning of the Swiss financial centre. It may, for example, delay the provision of a financial service or even render it impossible. For the financial markets to function properly, institutions that provide integrated or interlinked services are particularly important – e.g. financial-market infrastructures, critical-service providers of key IT systems for the financial centre, and systemically important financial institutions. A successful attack on an institution of this kind could prove damaging both to other financial institutions and the Swiss economy as a whole. The reputational damage would be significant, and confidence in the Swiss financial centre would be undermined.

(From the Risk monitor 2020)

FINMA Risk Monitor 2020

Updated: 11.11.2020 Size: 0.48  MB
Add to personal download list