The International Monetary Fund has disclosed that financial institutions worldwide suffered a cumulative loss of $12 billion due to cyberattacks over the past two decades.
A recent release from the IMF’s April 2024 Global Financial Stability Report highlighted that $2.5 billion of this total loss occurred between 2020 and 2024.
The IMF expressed apprehension over the increasing frequency of cyberattacks targeting financial institutions globally, warning of potential repercussions on financial system confidence and economic stability.
“Financial firms have reported significant direct losses, totaling almost $12 billion since 2004 and $2.5 billion since 2020,” the IMF stated, underscoring the vulnerability of financial institutions to cyber threats due to the sensitive data and transactions they handle.
The report emphasized that cyber incidents pose a substantial operational risk to financial institutions, potentially undermining operational resilience and overall macrofinancial stability.
Factors contributing to the surge in cyber incidents include accelerated digital connectivity fueled by the COVID-19 pandemic and escalating reliance on technology and financial innovation.
Geopolitical tensions, such as those following Russia’s invasion of Ukraine in February 2022, have also been cited as potential catalysts for increased cyberattacks.
To bolster resilience in the financial sector, the IMF recommended the development of robust national cybersecurity strategies by central banks and authorities.
These strategies should include effective regulation and supervisory mechanisms, encompassing periodic cybersecurity assessments, promotion of cyber maturity among financial sector firms, enhancement of cyber hygiene practices, and prioritization of data reporting and incident sharing among financial participants.
Given that cyberattacks often originate from beyond a financial firm’s jurisdiction, the IMF stressed the importance of international cooperation to effectively address cyber risks. This collaboration is crucial for mitigating the cross-border nature of cyber threats and ensuring collective preparedness among financial institutions globally.
