The IMF said the risk of significant financial losses from cyber incidents had increased dramatically.
It said: “Such losses could potentially cause funding problems for companies and even jeopardise their solvency. The size of these extreme losses has more than quadrupled since 2017 to $2.5b. And indirect losses like reputational damage or security upgrades are substantially higher.”
While the Fund did not call out specific countries for being responsible for attacks, it noted that the number of cyberattacks had surged in the wake of Russia’s invasion of Ukraine in February 2022.
The Washington-based institution added that attacks on financial firms now accounted for nearly a fifth of all attempted hacks, with commercial banks the most exposed.
It noted that JPMorgan, the world’s biggest bank by market value, has spent $15bn on technology to combat attacks and employed 62,000 people to help strengthen its defences.
America’s largest bank has reported experiencing 45bn cyber incidents a day.
While the IMF noted that there had been no significant bank runs so far as a result of cyber attacks, its analysis suggested that “modest and somewhat persistent deposit outflows have occurred at smaller US banks after a cyberattack”.
It said the financial system had suffered more than 20,000 successful cyber attacks over the past two decades, causing $12bn in losses.
The IMF added: “Cyber incidents that disrupt critical services like payment networks could also severely affect economic activity.”
The Fund called for more international cooperation to combat attacks, urging countries to adopt national cybersecurity strategies.
