Connect with us

Hi, what are you looking for?



IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades

The financial sector has suffered over 20,000 cyberattacks in two decades, causing more than $12 billion in losses.


Over the past two decades, organizations in the financial sector were victims to over 20,000 cyberattacks that caused more than $12 billion in losses, the International Monetary Fund (IMF) says.

Citing an increase in cyberattacks targeting financial firms, especially banks, IMF’s April 2024 Global Financial Stability Report (PDF), also underlines an increased risk of extreme losses caused by cyber intrusions.

“Such losses could potentially cause funding problems for companies and even jeopardize their solvency. The size of these extreme losses has more than quadrupled since 2017 to $2.5 billion. And indirect losses like reputational damage or security upgrades are substantially higher,” the IMF says.

Financial organizations are at the receiving end of roughly one fifth of all cyberattacks, with cybercriminals seeking to steal money or disrupt economic activities.

Should such incidents undermine the financial system’s credibility, these cyberattacks could lead to economic instability, potentially leading to market sell-offs and bank runs, the IMF claims.

To date, no significant ‘cyber runs’ have been observed, but modest deposit outflows did occur at smaller US banks following a cyberattack.

“Cyber incidents that disrupt critical services like payment networks could also severely affect economic activity,” such as the attack on the Central Bank of Lesotho that disrupted the national payment system, the IMF says.

The reliance on third-party IT services providers and the rise of AI use could expose financial institutions to additional risks, such as outages caused by ransomware attacks on the service providers, and AI-related data leaks.

Advertisement. Scroll to continue reading.

“With the global financial system facing significant and growing cyber risks from increasing digitalization and geopolitical tensions, policies and governance frameworks at firms must keep pace,” the IMF points out.

According to the United Nations financial institution, these risks can be mitigated through effective regulations and adequate national cybersecurity strategies that include cybersecurity landscape assessments, a push for cybersecurity maturity, improved security hygiene, and incident reporting prioritization.

International collaboration is also essential in the current landscape, where cyberattacks often occur from outside an organization’s country, the IMF also notes.

IMF’s warning comes less than a month after news broke that nearly a dozen IMF email accounts were hacked in February 2024.

Related: Prudential Financial Data Breach Impacts 36,000

Related: Windows Zero-Day Exploited in Attacks on Financial Market Traders

Related: Bank of England Will Review the Risks That AI Poses to UK Financial Stability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Fastly announced that Scott Lovett will join the company as Chief Revenue Officer, effective June 3, 2024.

Digital transformation consulting firm Synechron has hired Aaron Momin as CISO.

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

More People On The Move

Expert Insights