Moody’s warns a major securities sector hack is coming ‘sooner or later’

By James Langton | October 21, 2019 | Last updated on October 21, 2019
1 min read
Computer keyboard and the shadow of a hand. Theft of data.
© ginasanders / 123RF Stock Photo

Rising cyber risk in the securities sector poses a possible threat to the broader financial system, says Moody’s Investors Service.

In a new report, the rating agency said that the increasing digitization and interconnectedness of both securities firms and market infrastructure providers makes the sector “highly vulnerable to cyberattacks,” which could also represent a system-wide risk.

The list of possible attackers includes ideologically motivated hacktivists, criminals, nation states and insiders, Moody’s said.

The rating agency noted that hackers’ efforts are increasing and becoming more sophisticated “as the digitization of financial transactions creates a more target-rich environment.”

While the sector is well aware of the risk and deploys significant resources designed to detect, defend against and respond to cyberattacks, “sooner or later a damaging large-scale attack will occur,” Moody’s said.

Moody’s warned that the impact of such an attack could be substantial, both for the affected firm and for the financial system overall, noting that “a single, significant cybersecurity misstep could have material adverse business and credit consequences.”

“Much of the direct effect on a targeted company will depend on the nature, duration and severity of the attack, as well what allowed it to succeed. Any successful attack is likely to have financial, contractual, reputational and regulatory consequences,” Moody’s added.

For systemically important entities, such as central counterparty clearing houses (CCPs), Moody’s said that “the impact on counterparties and potential for government support will also come into play.”

James Langton headshot

James Langton

James is a senior reporter for Advisor.ca and its sister publication, Investment Executive. He has been reporting on regulation, securities law, industry news and more since 1994.