As the name suggests, this isn’t the first Quantum Dawn. The original drill was in November 2011, and it attracted scant attention and only about half as many participants. But that was before a wave of cyberattacks last fall, when big banks were forced to temporarily shut down their websites after attackers bombarded them with traffic — akin to overwhelming a phone line with too many calls.
“If you went to banks three years ago, and said, ‘What are your top five risks?’, probably none of them would put cyber on there,” said Karl Schimmeck, SIFMA’s vice president for financial services operations. Now, he said, the calculation has changed.
The barrage: Software giant Symantec calculates that cyberattacks against U.S. businesses jumped 42 percent last year. Banks, though, are reluctant to give more details about how they’re affected, financially or otherwise, for fear of becoming a target, and attacks often go undetected and unreported.
High alert: Whatever the number, banks and the government are on high alert. President Barack Obama warned about international hacking against the banking industry in February’s State of the Union address. He later met with JPMorgan CEO Dimon, Bank of America CEO Brian Moynihan and other business leaders to discuss the threat.
Big banks have started listing cyberattacks as a potential risk factor in filings for regulators and investors. The Office of the Comptroller of the Currency, which regulates national banks, recently held a call with community bankers to warn them that they’re not free from danger either: Since September, attacks have been increasingly aimed at businesses with fewer than 250 employees, the OCC says.
Impossible victory? Banks realize the threat isn’t going away. If anything, the possibility of an online attack will grow as customers do more transactions online and banks outsource operations to other companies whose systems might not be as secure.