The Growing Threat of Cyber Attacks in the Financial Sector: A Closer Look at AI and Regulatory Measures

The financial system is facing a growing threat from cyber attacks, with the frequency and sophistication of these attacks increasing significantly in recent months compared to before the COVID-19 pandemic. This has prompted concerns among regulators and financial institutions about the potential impact of successful cyber attacks on major institutions.

The Bank of Mexico (BdeM) emphasized this risk in its latest Financial Stability Report, highlighting the importance of maintaining surveillance and prevention measures against cybersecurity risks. One area of particular concern is the growing use of artificial intelligence (AI) in the financial sector, which offers many benefits but also introduces new risks when exploited by cybercriminals.

AI can be used to create sophisticated phishing emails or websites that are difficult to detect, making it harder for financial institutions to defend against attacks. It can also be used for spreading fake news, which can erode trust and create expectations that lead to adverse outcomes like bank runs. The central bank is closely monitoring the adoption of AI in the financial sector and incorporating AI-related risks into its risk management practices.

In terms of specific threats, regulated financial institutions reported two cyberattacks over the past six months, which were responded to promptly without any economic impact on clients or significant disruptions to banking operations. Cybercriminal groups, ransomware attacks, and credit card information vendors were identified as the most recurrent threats during this period. The BdeM emphasized the importance of safeguarding electronic transfer services and channels from such threats to ensure the integrity of the financial system.