U.S. Markets closed

ECB Says the Next European Bank Hack Is Just a Matter of Time

Nicholas Comfort
1 / 2

ECB Says the Next European Bank Hack Is Just a Matter of Time

(Bloomberg) -- Want the lowdown on European markets? In your inbox before the open, every day. Sign up here.

A senior official at the European Central Bank warned that banks embracing external data storage and other digital technology need to face an uncomfortable truth: there’s a good chance they’ll get hacked.

“There will be accidents, especially in the cloud,” Korbinian Ibel, a director general at the ECB’s supervisory arm, said in an interview. “It’s not that clouds are more vulnerable, they’re actually often better protected than in-house systems, but they’re seen as juicy targets.”

So far, Europe has been spared the kind of hack that hit Capital One Financial Corp., which said last month that data from about 100 million people in the U.S. was illegally accessed. That may change as the region’s banks face increasing pressure to reduce costs with new technology and make up for the squeeze on revenue from lower interest rates.

European banks already use some services of companies like Microsoft Corp. and Amazon.com Inc. Germany’s Deutsche Bank AG eventually wants to move the majority of its applications to the cloud -- giant external data centers -- from what it has called “expensive and inflexible physical servers.” For now, European banks tend to avoid putting “highly confidential data” on public clouds, said Ibel.

“We see the benefits” of cloud computing, Ibel said. “The rule is that the banker is always responsible for their data and services.”

Failings can have consequences. The ECB can tell riskier lenders to hold more capital, squeezing their returns, or order potentially costly qualitative measures such as improving how users access computer systems.

Banks have responded to the digital revolution by hiring tech experts, sometimes even naming them to their top management bodies. That’s good, but it doesn’t go far enough, said Ibel.

“It’s not enough to have one person as the IT expert,” he said. “You need a common understanding at board level of the needs and risks of IT.”

To contact the reporter on this story: Nicholas Comfort in Frankfurt at ncomfort1@bloomberg.net

To contact the editors responsible for this story: Dale Crofts at dcrofts@bloomberg.net, Christian Baumgaertel

For more articles like this, please visit us at bloomberg.com

©2019 Bloomberg L.P.