Menu
Banking Exchange Magazine Logo
Menu

‘Systemic’ Cyberattack Presents Real Risk for US Banks

Research from Fitch finds even well-prepared banks could suffer from ‘tail events’ from major cyberattacks

  • |
  • Written by  Banking Exchange staff
 
 
‘Systemic’ Cyberattack Presents Real Risk for US Banks

US banks face material risks from ‘systematic’ cyberattacks despite being able to withstand average modelled cyber risk losses, according to Fitch.

In a new report entitled “Quantifying US Bank Systemic Cybersecurity Risk” it was found that banks could still encounter material risks from tail events of major attacks.

The credit rating agency conducted an analysis with CyberCube to analyze the potential impact of systemic cyber events on 4,900 US banks under various scenarios over a one-year period.

CyberCube’s model focuses on “single points of failure” (SPoF) which includes technologies such as operating systems, and cloud service providers.

According to the report, a cyber-attack on a particular SPof could have a “cascading impact” on the identified connected banks.

“Our work with Fitch has identified the top threat scenarios for the US banking system, and the repercussions a cyber risk might have on an individual bank,” said Souki Chahid, principal product advisor at CyberCube.

“A greater understanding of the inherent risks faced by the banking sector will support banks in their decision-making with regards to their insurance purchasing and their operational risk.”

The financial cost of a cyber event can go beyond a requested ransom payment. Additional costs can also include data restoration, investigation and response, regulatory or legal fines, and brand damage.

“Systemic cyber risks are as important to analyze as idiosyncratic cyber risks,” said Fitch managing director Christopher Wolfe.

“Cyber risk is evolving into broader aggregations and concentrations within the vendor management and supply chain. An incident at a single critical third or fourth-party vendor could lead to significant business interruption losses.”

In July, US banks were among hundreds of companies hit by a global ransomware attack with criminals attempting to extort $70 million in ransom payments.

In that attack, Kaseya – which provides IT infrastructure to many banking companies throughout the country – was targeted by criminal hacking gang REvil.

Tagged under Risk Management; Feature3; Feature; Cyberfraud/ID Theft;

 
 

Related items

back to top

Sections

About Us

Connect With Us

Resources

Webinar: How Banks and Fintechs Are Building the New Payments Stack

Tuesday, June 30, 2026, 1:00 PM ET

As digital assets move into the mainstream, banks, fintechs, and payment providers are focused on a new challenge: how to build and scale products that deliver real business value.

In this session, Cross River and Fireblocks will explore how leading organizations are bringing digital asset products to market, the infrastructure decisions that shape growth and speed-to-market, and the lessons learned from teams building at scale today. From wallet architecture and custody models to vendor strategy and regulatory considerations, we'll discuss the foundational choices that can accelerate innovation — or create friction down the road.

Whether you're evaluating a new offering or scaling an existing program, you'll leave with a practical framework for understanding how digital asset infrastructure impacts business outcomes.

REGISTER NOW!