Banks have been urged to prepare for an increase in cyberattacks as criminal seek to take advantage of potential chaos caused by coronavirus.
The European Central Bank (ECB) has written to financial institutions warning of the “critical need” to plan for the impact of a pandemic, which could leave firms more at risk due to mass staff absences.
“Banks could be challenged in their operational capabilities in affected areas should employees be unable to perform their usual tasks,” said Andrea Enria, chair of the ECB supervisory board, in a letter sent this week.
As well as a potential rise in cyberattacks, the letter warned of the risk of “increased cyber-security related fraud” targeting both customers and banks through methods such as phishing emails.
A “potential higher reliance on remote banking” could also put companies’ IT systems under strain, Mr Enria added.
The coronavirus outbreak has already prompted companies to ask more employees to work from home or spread them across different offices.
On Thursday, HBSC evacuated a floor of its London headquarters after an employee in the bank’s research division was diagnosed with coronavirus.
While banks have improved their defences against hackers in recent years, the ECB has called cybercrime and technology deficiencies some of the top risks for the industry this year.
Dr Asma Adnane, a computer science lecturer at Loughborough University, warned employees working remotely were “at high risk of attack” from cybercriminals looking to exploit open and unsecured networks.
“Working from home might be convenient and safer for you, but this might not be safer for the services and the data you are accessing remotely, especially if you are handling sensitive or personal data,” she said.
“Cybersecurity threats are generally higher as you are not connected via the secured workplace networks, which have adequate security measures that you do not see such as web filtering, firewall and encryption of data.
“Indeed, if you access sensitive data through unsafe networks, your connections could be intercepted, and the data compromised.”
The World Health Organisation (WHO) has said it is aware of “suspicious email messages attempting to take advantage of the 2019 novel coronavirus emergency”.
There have been reports of emails falsely claiming to be from WHO employees asking recipients to provide sensitive information or click on malicious links.
