IDEAS home Printed from
   My bibliography  Save this article

Financial institutions and cyber crime – Between vulnerability and security


  • Gaumer, Q.
  • Mortier, S.
  • Moutaib, A.


In the current world, financial institutions, like other companies, have become increasingly dependent on their information systems. These systems allow them to conduct business transactions (transfers, account management, withdrawals, etc.) and at the same time exercise control over the information exchanged. More and more, information is becoming the target of cyber attacks from different groups of cyber criminals. They use strategies such as social engineering (human intelligence, manipulation) or more sophisticated techniques (such as advanced persistent threats – see the case of Carbanak). 2015 was a major year for cyber security actors. The cyber crime events of that year were highly instructive for the banking sector, enabling them to adjust their defence tactics and increase their resilience. Despite the efforts of security companies and the evolution of CISOs’ (Chief Information Security Officer) strategies, cyber criminals are constantly updating their fraud methods. Security actors now have to increase their awareness of cyber crime techniques and enhance their monitoring in order to face the new threats to corporates, including those targeted at the banking sector. As observed last year, hackers have started to shift towards a strategy where they target financial institutions instead of end-users. There were many examples of attacks on point-of-sale systems and ATMs with a significant financial impact for the banks. The trend should be maintained over the coming years, with hackers increasingly trying to find breaches in stock markets and payment systems. In addition, cyber criminals are already shifting their focus to smartphones due to the growing use of smart mobile devices. On the one hand, alternative payment systems such as Apple Pay or Google Pay will push hackers to monetise fake stolen credit cards. On the other hand, the spread of transactional malwares on mobile devices is likely to increase markedly. Improving resilience is a major financial stability issue, as it is vital to prevent cyber attacks or IT failures from escalating into systemic crises. However, creating the best possible protection for financial institutions will never reduce to the risk of a cyber attack to zero. Financial institutions also need to have the best possible plans to resume their activities as quickly and efficiently as possible after a breach in their IT systems.

Suggested Citation

  • Gaumer, Q. & Mortier, S. & Moutaib, A., 2016. "Financial institutions and cyber crime – Between vulnerability and security," Financial Stability Review, Banque de France, issue 20, pages 45-52, April.
  • Handle: RePEc:bfr:fisrev:2016:20:5

    Download full text from publisher

    File URL:
    Download Restriction: no

    More about this item


    Access and download statistics


    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:bfr:fisrev:2016:20:5. See general information about how to correct material in RePEc.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: . General contact details of provider: .

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Michael brassart (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service hosted by the Research Division of the Federal Reserve Bank of St. Louis . RePEc uses bibliographic data supplied by the respective publishers.