The surge of cyber attacks on the financial services sector, prompted by staff working from home, are likely to continue, the Financial Stability Board (FSB) says.
The FSB, which coordinates financial guidelines for the G20 group of nations, said the pandemic-induced trend of working from home opened up new opportunities for cyber attacks.
In their interim report on “Lessons learnt from the COVID-19 pandemic from a financial stability perspective” the FSB acknowledged that working from home is expected to stay in some form across the financial services industry and beyond.
Cyber activities, including phishing, malware and ransomware, grew from less than 5,000 per week in February 2020 to more than 200,000 per week in late April 2021, the FSB said.
“Most cyber frameworks did not envisage a scenario of near-universal remote working and the exploitation of such a situation by cyber threat actors,” the FSB said.
Chaired by federal reserve vice chair Randal Quarles and comprising regulators and central banks from leading financial centres, the FSB is an international body that monitors and makes recommendations about the global financial system.
“Financial institutions have generally been resilient but they may need to consider adjustments to cyber risk management processes, cyber incident reporting, response and recovery activities, as well as management of critical third-party service providers, for example cloud services,” the FSB advised.
The board said a final report will be published in October with more guidance on next steps set out.