File illustration picture of computer keyboard with letters stacked forming the word 'password' taken in Warsaw, December 12, 2013.  Security experts warn there is little Internet users can do to protect themselves from the recently uncovered "Heartbleed" bug that exposes data to hackers, at least not until vulnerable websites upgrade their software. Researchers have observed April 8, 2014, sophisticated hacking groups conducting automated scans of the Internet in search of Web servers running a widely used Web encryption program known as OpenSSL that makes them vulnerable to the theft of data, including passwords, confidential communications and credit card numbers. OpenSSL is used on about two-thirds of all Web servers, but the issue has gone undetected for about two years.  REUTERS/Kacper Pempel/Files  (POLAND - Tags: SCIENCE TECHNOLOGY CRIME LAW)

US regulators are increasingly concerned about the threat that cyber attacks pose to financial stability after assaults on Sony Pictures and Target highlighted the proliferating range of techniques used by digital raiders.

In a new report on risks to the financial system, regulators also sounded the alarm on risk-taking by institutions searching for higher investment yields, as well as the threat of rising interest rates triggering market volatility.

On cyber security, the annual report from the Financial Stability Oversight Council said “the prospect of a more destructive incident that could impair financial sector operations” was even more concerning than recent breaches that have compromised financial information.

Jack Lew, the US Treasury secretary, took a swipe at Republicans while presenting the report on Tuesday, claiming that a GOP financial reform bill announced last week would deliberately “tie this council in knots with delays and hurdles”.

Mr Lew said cyber security was the primary focus of multiple regulators and that it was essential for businesses and government to work together to share information and find ways to mitigate the damage done by successful attacks.

The regulators’ report pointed to the troubling implications of last year’s attack on Sony Pictures — which the US blamed on North Korea — noting that the company’s computers were apparently rendered inoperable, suggesting that attackers had reached a new level of sophistication.

An FSOC official said recent cyber assaults also underlined how companies had multiple vulnerabilities and attackers were constantly probing news ways to penetrate their systems.

He said that a massive 2013 attack on Target, the US retailer, which led to the theft of millions of people’s credit card details, was a warning that criminals could gain access to companies’ systems via third-party service providers.

In warnings on market practices, the regulators said that continued low interest rates were encouraging some banks, credit unions and broker dealers to take risks in a search for yield by easing lending standards or holding longer-duration assets.

At the same time, the regulators repeated a well-rehearsed warning that the end of ultra-low interest rates in the US could itself trigger instability, with price volatility, a drying up of bond liquidity, and a fall in corporate credit quality.

As reverberations from the 2010 “flash crash” in the markets continue, Mr Lew said the continued growth of electronic trading and other changes in market structure were “worthy of close monitoring”.

Electronic trading is most developed in the equity and futures markets, but is increasing steadily in fixed income, foreign exchange and over-the-counter derivatives markets, the report said.

It also put a spotlight on the role of clearing houses, also known as central counterparties, which are processing a growing proportion of transactions.

That trend is regarded as a positive change, but regulators say it also means the clearing houses have to do more to improve their risk management, resilience, and ability to bounce back from a failure.

Get alerts on Financial & markets regulation when a new story is published

Copyright The Financial Times Limited 2019. All rights reserved.
Reuse this content (opens in new window)

Follow the topics in this article