U.S. banks have stepped up monitoring for potential cyberattacks as the U.S. war in Iran grinds on, while Gulf lenders face fresh questions over their preparedness for cyber activity tied to Iran-aligned hacktivists, according to new media reports. 

The U.S. financial services industry is on heightened alert for Iran-linked cyber activity, with firms watching for the types of threats that often increase during geopolitical conflicts, according to Reuters. 

“The industry remains vigilant and ready to respond to cyber threats at all times, and especially when global cybersecurity risks are heightened,” Todd Klessman, managing director for financial services cyber and technology at SIFMA, told Reuters. The financial firms operate critical infrastructure including payments, clearing and settlement systems, trading platforms, and Treasury markets, making them high-value targets, the news agency noted.

A U.S. intelligence assessment cited by Reuters said Iran-aligned “hacktivists” could attempt low-level attacks such as distributed denial-of-service (DDoS) incidents that overwhelm targeted networks with traffic. Morningstar DBRS warned cyber risks could rise alongside indirect financial risks from sustained higher oil prices and borrower shocks.

Gulf banks may be vulnerable to retaliatory cyberattacks by Iran and its proxies, according to experts cited by The Banker who have seen increased probing of regional institutions in recent days. CrowdStrike flagged a surge in claimed activity from “Iran-aligned and sympathetic” groups engaged in “hacktivism,” including a group calling itself Hydro Kitten that described the financial sector as a “decisive target,” The Banker said. 

A former head of digital strategy at a Gulf central bank told the news outlet that there was “a lot of probing and sniffing around,” suggesting attacks are being prepared. Taylar Rajic, an associate fellow at the Center for Strategic and International Studies, warned in the report that Gulf banks may be less prepared for cyber threats that can occur alongside kinetic risks.

The UAE’s Cybersecurity Council disclosed last month that 128 “confirmed cyber threat incidents” targeted entities in the country in the first seven weeks of the year, before the strikes on Iran began, with government administration, financial services, and banking among the most targeted sectors, according to The Banker. The council also warned of a “qualitative shift” in hacking methods, including AI-backed techniques.

UAE banking services are gradually returning to normal after outages at several lenders following retaliatory Iranian attacks. A source close to the Central Bank of the UAE said the disruptions stemmed from damage to an Amazon Web Services data center from drone strikes rather than cyberattacks, while noting Iran was attacking the country “in every way possible,” The Banker said.

Read more at Reuters 

Read more at The Banker