ECB Says the Next European Bank Hack Is Just a Matter of Time

“There will be accidents, especially in the cloud.”


August 19, 2019

2 Min Read
European Central Bank headquarters in Frankfurt, 2019
European Central Bank headquarters in Frankfurt, 2019DANIEL ROLAND/AFP/Getty Images

Nicholas Comfort (Bloomberg) -- A senior official at the European Central Bank warned that banks embracing external data storage and other digital technology need to face an uncomfortable truth: there’s a good chance they’ll get hacked.

“There will be accidents, especially in the cloud,” Korbinian Ibel, a director general at the ECB’s supervisory arm, said in an interview. “It’s not that clouds are more vulnerable, they’re actually often better protected than in-house systems, but they’re seen as juicy targets.”

So far, Europe has been spared the kind of hack that hit Capital One Financial Corp., which said last month that data from about 100 million people in the U.S. was illegally accessed. That may change as the region’s banks face increasing pressure to reduce costs with new technology and make up for the squeeze on revenue from lower interest rates.

European banks already use some services of companies like Microsoft Corp. and Inc. Germany’s Deutsche Bank AG eventually wants to move the majority of its applications to the cloud -- giant external data centers -- from what it has called “expensive and inflexible physical servers.” For now, European banks tend to avoid putting “highly confidential data” on public clouds, said Ibel.

“We see the benefits” of cloud computing, Ibel said. “The rule is that the banker is always responsible for their data and services.”

Failings can have consequences. The ECB can tell riskier lenders to hold more capital, squeezing their returns, or order potentially costly qualitative measures such as improving how users access computer systems.

Banks have responded to the digital revolution by hiring tech experts, sometimes even naming them to their top management bodies. That’s good, but it doesn’t go far enough, said Ibel.

“It’s not enough to have one person as the IT expert,” he said. “You need a common understanding at board level of the needs and risks of IT.”

Read more about:

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like