It is a global cyberattack, and it has not spared the banking sector. On Sunday evening, the European Banking Authority (EBA), located in La Défense, explained that it was among the victims of the attack targeting e-mails exchanged via Exchange, Microsoft’s electronic messaging tool, which is very widespread in Western companies.
The EBA “has been the subject of a cyberattack on its Microsoft Exchange servers, which affects many organizations around the world. The Agency promptly launched an in-depth investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities,” the entity said on its website.
As a direct consequence of this attack, “as a precaution, the EBA decided to take its email systems offline,” the Authority further specified. It has yet to take stock of any damage or loss of data caused by this attack.
On Monday, the EBA said the investigation was continuing and the attack appeared to be under control. “At this point, the EBA’s email infrastructure has been secured, and our analyses suggest that no data extraction has been performed, and we have no indication that the breach has gone beyond our e-mail servers,” the Authority specified at the beginning of the afternoon.
According to a source, European banks may have been affected, but no more, and no more seriously, than by the attacks the sector suffers daily. “We talked about it in the sector, but it’s not particularly serious,” estimates a banker.
Microsoft said last week that hackers from a Beijing-based group dubbed “Hafnium” exploited security holes in its Exchange messaging services to steal data from business users.
This “highly qualified and sophisticated actor,” according to the computer giant, has in the past already targeted companies in the United States, in particular in the field of research on infectious diseases, as well as law firms, universities, defense companies, think tanks and NGOs. According to a security expert quoted by Bloomberg, 60,000 entities in the world are already affected.
“It’s a rather chunky flaw, as we say in the jargon,” testifies a banker. “To exploit it, you had to pass through four aligned faults.”
Although the attack seems very broad, a banking supervisor can naturally constitute a specific target, in particular for espionage purposes. In the case of the EBA, e-mails are used in particular when consulting on new banking regulations.
A loss of data – a hypothesis that the EBA excludes at this stage – would potentially expose the dialogue between the banking sector and the Authority. On the other hand, the risk is de facto lower for the sensitive data of the banks: the latter regularly transmit economic data to the authorities, but this goes through dedicated platforms and not by e-mail.
Politically, on the other hand, the affair looks bad, since the supervisors – at the EBA but also at the European Central Bank (ECB) – regularly encourage the banks to reinforce their coverage against cyber risk and, more broadly, to improve their IT resilience.
Supervision already affected
In August 2019, an attack had already affected European banking supervision, in this case the ECB. “Unauthorized third parties violated security measures” protecting a website containing a banking reporting manual (BIRD), hosted by an external supplier, the central bank said in a statement.
This site provides the banking industry with detailed information on how to produce statistical and supervisory reports to the ECB and national central banks in the euro area. “The contacts – but not passwords – of 481 BIRD newsletter subscribers may have been captured,” the ECB indicated at the time. It was, however, an ancillary site, and not the central bank’s core systems.