IMF Report: Financial Institutions Lose $12 Billion to Cyberattacks Over 20 Years

The International Monetary Fund (IMF) recently disclosed in its April 2024 Global Financial Stability Report that financial institutions worldwide have lost a staggering $12 billion to cyberattacks over the past two decades.

• “Financial firms have reported significant direct losses, totaling almost $12 billion since 2004 and $2.5 billion since 2020,” the IMF stated.

This has raised concerns about the increasing frequency of cyberattacks on financial institutions globally. 

The IMF warns that such attacks could undermine confidence in the financial system and potentially destabilize economies.

According to the IMF, banks are the primary targets of cybercriminals due to the sensitive data and transactions they handle. 

• “Attacks on financial firms account for nearly one-fifth of the total, of which banks are the most exposed. Incidents in the financial sector could threaten financial and economic stability if they erode confidence in the financial system, disrupt critical services, or cause spillovers to other institutions.

These attacks pose a serious threat to financial and economic stability by disrupting critical services and eroding confidence in the financial system.

One example cited by the IMF is a cyberattack on the Central Bank of Lesotho in December, which disrupted the national payment system and prevented domestic bank transactions.

The Threat to Financial Stability

The IMF also notes that financial institutions in advanced economies, particularly in the United States, are more exposed to cyber incidents than those in emerging markets and developing economies.

The IMF highlights the case of JPMorgan Chase, which faces an overwhelming 45 billion cyber events per day. Despite investing heavily in technology and employing thousands of technologists focused on cybersecurity, financial institutions remain vulnerable to cyber threats.

The IMF emphasizes that cyber incidents represent a significant operational risk that could jeopardize the resilience of financial institutions and threaten overall macro-financial stability.

Several factors contribute to the rise in cyberattacks, including rapid digital connectivity accelerated by the COVID-19 pandemic and increasing dependence on technology and financial innovation. Geopolitical tensions, such as those arising from conflicts like Russia’s invasion of Ukraine in 2022, also exacerbate cyber risks.

Mitigation Strategies: IMF’s Recommendations

To address these challenges, the IMF calls for central banks and authorities to develop robust national cybersecurity strategies and effective regulation. 

Key priorities include assessing the cybersecurity landscape, fostering cyber maturity among financial sector firms, improving cyber hygiene, and promoting information sharing among stakeholders.

Given the transnational nature of cyber threats, international cooperation is essential to effectively combat cyber risks that transcend borders.