Hacking and Systemic Financial Risk (Encore)


The data breach stories just don't seem to stop. (And why would they?). The latest (I think) is about a massive and sophisticated multi-million dollar hacking of several banks.  If you read down through the story, one of the things the hackers did was manipulate the balances of real accounts.  They'd change a real $1,000 balance to $10,000 and then have $9,000 wired to an account at another institution.  

But why take out only $9,000?  The hackers were being nice, I suppose, in that they didn't steal any actual depositor's funds (as far as we know). And that was also probably smart, because if they zeroed out an account, there might be a bounced transaction that would alert the consumer and then the bank to the theft.  But I don't know that we can count on future hackers being so polite, considerate, or careful. Indeed, they might actually want to create havoc by messing with account balances.  

I raised this scenario several months ago, and before that a couple of years ago. I think today's news confirms that the financial Armageddon via hacking scenarios I have nightmares about aren't totally farfetched. Between state-sponsored hacking (I'm looking at you DPRK), terrorist hacking (ISIS and Newsweek), and rogue individuals, I think we're looking at a matter of when, not if, we see consequences from financial hacking that go beyond a few hundred million in losses and result instead in institutions failing.