Banks focus on security after recent hacks

This business runs on trust. If institutions lose it, they lose customers.

By Trefis Oct 8, 2012 1:56PM
Bank sign copyright John Foxx, Stockbyte, Getty ImagesImagine a situation in which you have to make a payment but you can't find your wallet. Thousands of people found themselves in a similar state late last week when they lost access to their banks' websites while trying to pay bills. 

All of those customers were the unfortunate victims of a planned and widespread cyber attack targeted at websites of six of the country's biggest banks, including Wells Fargo (WFC), JPMorgan Chase (JPM) and Bank of America (BAC). The attack took the websites down sequentially, making them inaccessible to customers for hours at a stretch. 

The attackers flooded the websites with millions of requests to load pages, forcing the banks' infrastructures to process more information than they were designed to handle. As a result, the systems turned nonresponsive and customers could not access the websites and hence their own accounts.

And the timing of the attacks -- right at the end of the month -- made things worse for many customers as utility and services bills came due. While the source of this disruption continues to be investigated, one conclusion is obvious: The banks have to shore up their security.


Thankfully, the banks' systems were robust enough to thwart any attempts to access confidential customer data, including account details or access information. The temporary loss of connectivity seems to have been the only result.


Could this happen again? Unfortunately, yes, which is what has set the banks into action. Although the recent attack did not do much damage, it did expose some serious vulnerabilities in the banks' systems -- which might be exploited with more serious consequences if they are not addressed as the highest priority.

Banks spend millions of dollars each year in the upkeep of their IT infrastructure and boast of some of the most sophisticated computer defenses available. For example, Wells Fargo's IT expenses are likely around $1 to $2 billion a year, considering that equipment and staff costs about 2% to 4% of its total annual expenses. But the fact that the attack was successful in taking down the systems only means that more needs to be done.

Wells Fargo Noninterest Expense as a percent of Dividend Revenues

What if a future attack compromises customers' confidential information? Banks fear that possibility more than their customers do, as banks are responsible for ensuring confidentiality besides safeguarding money. So if a bank's security is circumvented, the bank becomes liable to compensate customers for the breach. After all, the banking business runs on trust, and if a bank loses trust, it loses customers. 

Oct 9, 2012 1:32PM
Great article -- I've spent the last few months analyzing security at all US banks and you can look up any bank at

People need to understand that they have options - every bank handles things differently - and some work harder than others on this problem.  When consumers start rewarding higher performing banks, you're going to see the wind sucked out of the sails of the attackers.

Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


StockScouter rates stocks from 1 to 10, with 10 being the best, using a system of advanced mathematics to determine a stock's expected risk and return. Ratings are displayed on a bell curve, meaning there will be fewer ratings of 1 and 10 and far more of 4 through 7.

123 rated 1
262 rated 2
480 rated 3
651 rated 4
649 rated 5
629 rated 6
616 rated 7
496 rated 8
346 rated 9
111 rated 10

Top Picks

TAT&T Inc9



Top Stocks provides analysis about the most noteworthy stocks in the market each day, combining some of the best content from around the MSN Money site and the rest of the Web.

Contributors include professional investors and journalists affiliated with MSN Money.

Follow us on Twitter @topstocksmsn.