European Central Bank warns state-sponsored cyberattacks could trigger systemic financial disruption

The European Central Bank published an analysis in its Financial Stability Review examining how state-sponsored cyberattacks could threaten financial stability amid rising geopolitical tensions. It concludes that increasing digitalisation and interconnectedness can allow cyber incidents to propagate beyond individual firms and disrupt critical financial services, including through dependencies on key infrastructures and third-party providers. Using publicly disclosed incident data, the ECB notes a substantial rise in cyberattacks over the past decade, with state-sponsored activity targeting state institutions and critical infrastructures including telecommunications, energy and the financial sector, and with attacks often clustered over time and by sector. Data theft linked to espionage is the predominant objective, but open-conflict environments raise the risk of sabotage and data destruction aimed at maximum disruption, while other campaigns can involve influence operations around elections and expropriation via ransomware or theft of crypto-assets; a relatively small group of sponsoring countries accounts for most such attacks, and frequency tends to rise with heightened geopolitical risk and, at times, economic policy uncertainty. The Review outlines operational, financial and confidence channels through which severe incidents could generate cascading effects, particularly where services have limited substitutes, where vulnerabilities spill over across interconnected entities, or where centralised cloud technologies concentrate dependencies. It stresses the need for authorities and financial institutions to keep close track of the evolving threat landscape and cooperate on resilience and mitigation, while noting that available datasets are incomplete and attribution is inherently difficult.