By John O’Donnell and Huw Jones
FRANKFURT/LONDON (Reuters) – The European Central Bank is preparing banks for a possible Russian-sponsored cyber attack as tensions with Ukraine mount, two people with knowledge of the matter said, as the region braces for the financial fallout of any conflict.
The stand-off between Russia and Ukraine has rattled Europe’s political and business leaders, who fear an invasion that would inflict damage on the entire region.
Earlier this week, French President Emmanuel Macron shuttled from Moscow to Kyiv in a bid to act as a mediator after Russia massed troops near Ukraine.
Now the European Central Bank, led by former French minister Christine Lagarde and which has oversight of Europe’s biggest lenders, is on alert for the threat of cyber attacks on banks launched from Russia, the people said.
While the regulator had been focused on ordinary scams that boomed during the pandemic, the Ukraine crisis has diverted its attention to cyber attacks launched from Russia, said one of the people, adding that the ECB has questioned banks about their defences.
Banks were conducting cyber war games to test their ability to fend off an attack, the person said.
The ECB, which has singled out addressing cybersecurity vulnerability as one of its priorities, declined to comment.
Its concerns are mirrored around the world.
The New York Department of Financial Services issued an alert to financial institutions in late January, warning of retaliatory cyber attacks should Russia invade Ukraine and trigger U.S. sanctions, according to Thomson Reuters’ Regulatory Intelligence.
HIGH ALERT
The United States, the European Union and Britain have repeatedly warned Putin against attacking Ukraine after Russia deployed around 100,000 troops near the border with its former Soviet neighbour.
Earlier this year, multiple Ukrainian websites were hit by a cyber strike that left a warning to “be afraid and expect the worst”, as Russia had amassed troops near Ukraine’s borders.
Ukraine’s state security service SBU said it saw signs the attack was linked to hacker groups associated with Russian intelligence services.
Russian officials say the West is gripped by Russophobia and has no right to lecture Moscow on how to act after it expanded the NATO military alliance eastwards since the 1991 fall of the Soviet Union.
The Kremlin has also repeatedly denied the Russian state has anything to do with hacking around the world and said it is ready to cooperate with the United States and others to crack down on cyber crime.
Nonetheless, regulators in Europe are on high alert.
Britain’s National Cyber Security Centre warned large organisations to bolster their cyber security resilience amid the deepening tensions over Ukraine.
On Tuesday, Mark Branson, the head of German supervisor BaFin, told an online conference that cyberwarfare was interconnected with geopolitics and security.
The White House has also blamed Russia for the devastating NotPetya’ cyber attack in 2017, when a virus crippled parts of Ukraine’s infrastructure, taking down thousands of computers in dozens of countries.
The vulnerability was underscored again last year, when one of the globe’s largest-yet hacking campaigns used a U.S. tech company as a springboard to compromise a raft of U.S. government agencies, an attack the White House blamed on Russia’s foreign intelligence services.
The attack breached software made by SolarWinds Corp, giving hackers access to thousands of companies using its products, rippling through Europe, where Denmark’s central bank said that the country’s “financial infrastructure” had been hit.
Some, however, believe the Ukraine crisis has been blown out of proportion. Ukrainian President Volodymyr Zelenskiy accused Washington and media of fuelling panic.
(Writing By John O’Donnell; additional reporting by Pete Schroeder in Washington, Tom Sims in Frankfurt and Stine Jacobsen in Copenhagen)