InfoSecBulletin Cybersecurity for mankind
The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to handle a cyber-attack successfully, rather than just preventing it.
Intel PC, laptop and server processors affected for 6 years: Report
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCE
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
OTP glitch disrupted NID services across the country
Google to pay Texas $1.4 billion for location tracking practices
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
Microsoft Patches Four Critical Azure and Power Apps Vulns
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
SonicWall Patches 3 Flaws in SMA 100 Devices
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
The ECB evaluated banks’ IT risk management in November 2023 and found little progress in the sector. This announcement follows that evaluation.
It found “serious supervisory concerns that confirm the need to continue on-site inspections in conjunction with tailored discussions between banks and supervisors.”
How Will the Cyber Resilience Stress Test Work?
In the stress test scenario, a cyber-attack will have successfully disrupted the bank’s daily business operations. Supervisors will watch the bank’s response and recovery measures, including their ability to activate emergency procedures and restore normal operations.
Additionally, 28 banks will go through a more detailed evaluation, where they will need to provide additional information about how they dealt with the cyber-attack.
This will also check if there is enough coordination with other supervisory activities. These 28 banks represent various business models and geographies to reflect the euro banking system.
Supervisors will discuss the stress test results and lessons with each bank as part of the 2024 Supervisory Review and Evaluation Process, which evaluates a bank’s risk profile. The main findings will be published in summer 2024.
In October 2023, Lloyd’s of London predicted that a cyber-attack on a major financial services payment system could cause global economic losses of $3.5 trillion.
