Danish central banker sees Russian hackers as key risk to lenders – BNN Bloomberg

(Bloomberg) — Cyber attacks on Nordic banks, likely by Russian-linked hackers, are the biggest threat to financial stability in the region, a top Danish central bank official said.

Financial institutions should be prepared for an “arms race” with cybercriminals, Ulrik Nodgaard, the new deputy governor at the Danish central bank, said in an interview in Copenhagen. His comments come as the websites of lenders, including Nordea Bank Abp, the region’s largest, have been disrupted daily for weeks.

“This has become a more real threat,” Nodgaard said, adding that “even more powerful and far-reaching” cyber warfare is not out of the question. “These attacks are fundamentally about creating frustration and uncertainty, and that has been successful.”

The incidents, which have swamped sites with extreme traffic, have gone from being “slightly annoying” to “more serious,” said Nodgaard, who took over the job in August. While experts and the media have attributed the so-called Distributed Denial-of-Service, or DDoS, attacks to perpetrators affiliated with Russia, no senior official has so far made such a link public.

Asked if he believed the DDoS attacks came from Russia, he said: “Yes, the general assessment is that it seems likely.”

Nodgaard is one of two deputy governors of the Danish central bank, which oversees the payments system and financial stability. He joined the regulator from a role as head of the country’s banking lobby group and previously headed the Danish Financial Supervisory Authority.

Nordea called a wave of DDoS attacks in September “unprecedented” in scale, intensity and duration – slowing down its digital services or taking them offline. The Nordic banking industry, one of the most digitized in the world, could also face attacks where criminals manage to hack into an institution and shut it down for days, Nodgaard said.

Globally, DDoS attacks increased in the third quarter of 2024, according to cybersecurity firm Cloudflare, which said last month it mitigated nearly 6 million such incidents in the quarter, a nearly 50 percent increase over the period previous The financial services industry was the worst affected, he added.

The Danish central bank has already been working with lenders on preventive cyber measures for some time, including facilitating knowledge sharing and exercises in which hackers are employed to reveal gaps in banks’ resilience. But since Russia’s full-scale invasion of Ukraine, the focus has shifted slightly toward greater investment in preparedness and recovery in the event of larger disruptions, Nodgaard said.

“It’s about preparing for worst-case scenarios,” Nodgaard said. “We don’t expect someone to come in and shut down a large Danish payment institution, but in the climate we’re in now, we need to invest and be prepared for that scenario.”

In one such move, the central bank worked with lenders, card companies and retailers to extend the number of days Danes can pay with their card for food and medicine in stores if the internet or payment system shuts down. From next year, such offline retail payments will be possible for seven days for all cards issued in Denmark; today it is only possible for three days and not for all cards.

Authorities in other countries, Nodgaard said, have shown strong interest in the system because it avoids having to ask citizens in a largely cashless economy to stockpile notes and coins for a crisis situation.