"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-05-10T16:19:59Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/05/10/neil-chatterjee-matt-egan-ferc-colonial-pipeline-orig.cnn-business"
data-branding-key=""
data-video-slug="neil chatterjee matt egan ferc colonial pipeline orig"
data-first-publish-slug="neil chatterjee matt egan ferc colonial pipeline orig"
data-video-tags="budget deficits,business and industry sectors,business, economy and trade,computer science and information technology,digital security,economy and economic indicators,energy and utilities,energy and utility law,federal budget,federal budget deficit,federal energy regulatory commission,government and public administration,government budgets,government organizations - us,law and legal system,malware,political platforms and issues,politics,public debt,public finance,software and applications,technology,us federal departments and agencies,us federal government shutdowns,us government independent agencies,utilities regulation"
data-details="">
Video Ad Feedback
Energy regulator: Pipelines are at the forefront of our national defenses
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2021-05-10T16:19:59Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2021/05/10/neil-chatterjee-matt-egan-ferc-colonial-pipeline-orig.cnn-business"
data-branding-key=""
data-video-slug="neil chatterjee matt egan ferc colonial pipeline orig"
data-first-publish-slug="neil chatterjee matt egan ferc colonial pipeline orig"
data-video-tags="budget deficits,business and industry sectors,business, economy and trade,computer science and information technology,digital security,economy and economic indicators,energy and utilities,energy and utility law,federal budget,federal budget deficit,federal energy regulatory commission,government and public administration,government budgets,government organizations - us,law and legal system,malware,political platforms and issues,politics,public debt,public finance,software and applications,technology,us federal departments and agencies,us federal government shutdowns,us government independent agencies,utilities regulation"
data-details="">
Video Ad Feedback
Energy regulator: Pipelines are at the forefront of our national defenses
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-09-13T15:28:17Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/09/13/chevron-ceo-mike-wirth-climate-change-harlow-vpx.cnnbusiness"
data-branding-key="perspectives-no-logo"
data-video-slug="chevron ceo mike wirth climate change harlow vpx"
data-first-publish-slug="chevron ceo mike wirth climate change harlow vpx"
data-video-tags="banking, finance and investments,business and industry sectors,business, economy and trade,chevron corp,climate change,companies,company activities and management,company structure and ownership,energy and environment,energy and resources,energy and utilities,environment and natural resources,environmental regulation and policy,environmentalism,financial markets and investing,misc people,poppy harlow,securities trading,shareholders,stock markets"
data-details="">
Video Ad Feedback
This is what Chevron's CEO thinks about climate change
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-08-31T22:32:47Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/08/31/americans-face-high-utility-bills-yurkevich-dnt-lead-vpx.cnn"
data-branding-key=""
data-video-slug="americans face high utility bills yurkevich dnt lead vpx"
data-first-publish-slug="americans face high utility bills yurkevich dnt lead vpx"
data-video-tags="severe weather,weather,business and industry sectors,business, economy and trade,economic conditions,economic indicators,economy and economic indicators,energy and utilities,inflation"
data-details="">
Video Ad Feedback
'I can't withstand the heat': Americans behind on utility bills face extreme weather
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-07-26T14:30:15Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/07/26/european-union-reducing-gas-consumption-russia-supply-winter-firstmove-vpx.cnn"
data-branding-key=""
data-video-slug="european union reducing gas consumption russia supply winter firstmove vpx"
data-first-publish-slug="european union reducing gas consumption russia supply winter firstmove vpx"
data-video-tags="business and industry sectors,business, economy and trade,energy and utilities,energy consumption,european union,government organizations - intl,natural gas,oil and gas industry,clare sebastian,continents and regions,eastern europe,europe,misc people,russia,ukraine"
data-details="">
Video Ad Feedback
EU countries agree to reduce gas consumption to prep for winter
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-07-21T15:08:36Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/07/21/international-energy-agency-european-gas-consumption-firstmove-intl-ldn-vpx.cnn"
data-branding-key=""
data-video-slug="international energy agency european gas consumption firstmove intl ldn vpx"
data-first-publish-slug="international energy agency european gas consumption firstmove intl ldn vpx"
data-video-tags="business and industry sectors,business, economy and trade,continents and regions,energy and utilities,energy and utility policy,energy consumption,europe,government organizations - intl,international energy agency"
data-details="">
Video Ad Feedback
IEA director says Europe needs to lower gas consumption to prepare for winter
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-07-19T17:25:36Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/07/19/france-finance-minister-bruno-le-maire-russia-europe-gas-supply-uae-ctw-vpx.cnn"
data-branding-key=""
data-video-slug="france finance minister bruno le maire russia europe gas supply uae ctw vpx"
data-first-publish-slug="france finance minister bruno le maire russia europe gas supply uae ctw vpx"
data-video-tags="becky anderson,continents and regions,eastern europe,europe,france,middle east,middle east and north africa,misc people,russia,united arab emirates,western europe"
data-details="">
Video Ad Feedback
French finance minister says country prepping for cutoff of Russian gas supply
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-07-05T19:03:29Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/07/05/hungary-foreign-minister-russian-energy-purchase-ukraine-amanpour-intl-vpx.cnn"
data-branding-key=""
data-video-slug="hungary foreign minister russian energy purchase ukraine amanpour intl vpx"
data-first-publish-slug="hungary foreign minister russian energy purchase ukraine amanpour intl vpx"
data-video-tags="christiane amanpour,continents and regions,eastern europe,europe,government and public administration,government bodies and offices,government departments and authorities,hungary,international relations,international relations and national security,misc people,russia,state departments and diplomatic services,ukraine,russia-ukraine conflict,unrest, conflicts and war"
data-details="">
Video Ad Feedback
Hungarian foreign minister on why the country is still buying Russian energy
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-06-10T15:02:45Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/06/10/low-price-gas-station-affil-vpx.ktvk-kpho"
data-branding-key="good-stuff"
data-video-slug="low price gas station affil vpx"
data-first-publish-slug="low price gas station affil vpx"
data-video-tags="arizona,continents and regions,north america,phoenix,southwestern united states,the americas,united states"
data-details="">
Video Ad Feedback
Hear why this gas station owner is selling gas at a loss
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-03-23T02:00:31Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/03/23/fuel-prices-gas-breakdown-js-orig.cnn"
data-branding-key=""
data-video-slug="fuel prices gas breakdown js orig"
data-first-publish-slug="fuel prices gas breakdown js orig"
data-video-tags="banking, finance and investments,business and industry sectors,business, economy and trade,commodity markets,consumer products,economic conditions,economic indicators,economy and economic indicators,energy and resources,energy and utilities,energy commodities,energy economic indicators,financial markets and investing,inflation,oil and gas industry,oil prices,price increases"
data-details="">
"
data-check-event-based-preview=""
data-is-vertical-video-embed="false"
data-network-id=""
data-publish-date="2022-06-08T15:11:51Z"
data-video-section="business"
data-canonical-url="https://www.cnn.com/videos/business/2022/06/08/oecd-secretary-general-global-economic-report-russia-oil-embargo-inflation-firstmove-vpx.cnn"
data-branding-key=""
data-video-slug="oecd secretary general global economic report russia oil embargo inflation firstmove vpx"
data-first-publish-slug="oecd secretary general global economic report russia oil embargo inflation firstmove vpx"
data-video-tags="business, economy and trade,celebrities,continents and regions,developing countries,eastern europe,economic conditions,economic development,economic indicators,economy and economic indicators,europe,inflation,julia chatterley,non-profit and ngo organizations,organisation for economic co-operation and development,russia,russia-ukraine conflict,trade and development,ukraine,unrest, conflicts and war"
data-details="">
Video Ad Feedback
OECD secretary-general explains global cost of the Russian oil embargo
Hackers are holding one of America’s most important pipelines hostage, a stunning development that should serve as a warning to even bigger targets: the nation’s financial industry.
The nightmare scenario is that a Colonial Pipeline-style ransomware attack disrupts major banks or even financial markets, dealing a blow to the flow of money and confidence in the system. Instead of lines at gas stations, social media would be ablaze with images of broken ATMs or inaccessible brokerage accounts.
These are not theoretical risks. Banks and stock exchanges overseas have been hit by damaging cyberattacks in recent years.
The good news is that banks and exchanges, more so than pipelines and other aging physical infrastructure, have some of the most robust cyber defenses in the private sector, security experts told CNN Business.
“Banks are definitely hardened targets. They are some of the hardest targets out there – outside of the government itself,” said Paul Prudhomme, a cyber threat intelligence advisor at IntSights and a former contractor in the US intelligence community. “But as we saw with SolarWinds, the government itself is not immune to compromise.”
If Russian hackers were able to infiltrate critical federal government agencies through the SolarWinds attack, nothing is completely safe from cyber threats.
‘Blind spots’
Although big banks are believed to have strong defenses, security experts and industry officials fear hackers could infiltrate the industry through third parties with lax security.
Brendan Conlon, who worked at the National Security Agency for over a decade, said that while big banks “practice good cyber hygiene,” the consultants, law firms, contractors and vendors they rely on may not and could be vulnerable to ransomware.
“These institutions are likely to have blind spots in their critical supply chain,” said Conlon, who is now vice chairman of cybersecurity firm BlueVoyant. “Over the last few years, they have focused on their own security. Now they need to acknowledge the risk that their less secure vendors are presenting to their business.”
The Financial Service Information Sharing and Analysis Center (FS-ISAC), the authority for cyber threats facing the industry, is aware of this threat.
“Institutions with robust cybersecurity programs are well positioned to prevent ransomware attacks on their own networks but the risk to be impacted by third-party suppliers is increasing,” FS-ISAC CEO Steven Silberstein told CNN Business in a statement.
Silberstein also noted that ransomware operators have “grown and matured in sophistication, making it an area of concern.”
The financial industry is a large target for many different groups – from organized criminals seeking to steal money to politically motivated groups attempting to make a statement.
In its annual report, Nasdaq
(NDAQ) said potential threats include attacks from foreign governments, hacktivists, insiders and criminal organizations.
State-backed groups may have the capabilities to carry out sophisticated attacks, but most countries would not want to do so much damage that it hurt their own financial and economic interests.
Jerome Powell’s biggest fear isn’t inflation, it’s cyber
The shutdown of the Colonial Pipeline, which delivers nearly half the gasoline and diesel to the East Coast, shows the real-world impact of increasingly sophisticated cyberattacks. Panic buying by nervous drivers amplified the supply crunch, sparking significant gas station outages in the Southeast.
Federal Reserve Chairman Jerome Powell warned last month that cyberattacks are the No. 1 threat to the global financial system – even more so than the lending and liquidity risks that sparked the 2008 financial crisis.
During a 60 Minutes interview, Powell said one fear is that hackers manage to shut down a major payment processor, preventing money from flowing from one financial institution to another. That could cause part of the financial system to “come to a halt,” Powell said.
There is precedent for that.
In 2016, Bangladesh’s central bank was attacked by hackers that the FBI has blamed on North Korea. In February, the Justice Department charged three North Koreans of a conspiracy to steal and extort more than $1.3 billion in cash and cryptocurrency from banks and other businesses. Prosecutors accused the operatives of targeting banks around the world, including banks in Malta in 2019.
Stock exchanges are huge targets
New Zealand suffered a version of that last summer when a cyberattack that originated overseas caused periodic outages of the nation’s stock exchange for several days. Unlike the Colonial Pipeline ransomware attack, the New Zealand Exchange was hit by a “sophisticated and severe” distributed denial of service (DDoS) attack. But the outcome was the same: a disruption to a critical piece of infrastructure.
Wall Street exchanges know there is a large target on their backs.
“Our role in the global marketplace may place us at greater risk for a cyberattack,” Nasdaq warned investors in its annual report. The exchange added that much of its workforce is working remotely during the pandemic increased its reliance on the home network of employees.
NYSE President Stacey Cunningham told CNBC earlier this week that the exchange is “constantly working” with its own team, regulators and other exchanges players to ensure “that our markets are secure.”
JPMorgan says future attacks are ‘inevitable’
More than $350 million in losses have been attributed to ransomware attacks this year alone, Homeland Security Secretary Alejandro Mayorkas said at Tuesday’s White House briefing.
“This threat is not imminent, it is upon us,” Mayorkas said.
Danny Jenkins, CEO of cybersecurity firm ThreatLocker, told CNN Business that banks get hit with attempted ransomware attacks “nearly everyday” but they’re mitigated.
“The likelihood of seeing a major bank go completely offline is small but not impossible,” he said, adding there is “much higher probability” that ATM networks or major branches get disrupted.
“JPMorgan Chase has experienced security breaches due to cyberattacks in the past, and it is inevitable that additional breaches will occur in the future,” the bank said in its annual report, which mentions “cyber” 67 times, compared with just 17 times in 2014. “Any such breach could result in serious and harmful consequences for JPMorgan Chase or its clients and customers.”
JPMorgan
(JPM) acknowledges it “does not have control over” the security of the systems of its many clients, customers, counterparties and third-party service providers. The bank added that its exposure to cyberattacks could be heightened by the fact that many of its employees are working remotely and due to the increased use of video conferencing apps.
Hacks are getting more sophisticated – and automated
Biden administration officials have privately voiced frustration with what they view as Colonial Pipeline’s weak security protocols and a lack of preparation, officials familiar with the government’s investigation told CNN.
“The financial sector tends to take security more seriously than oil and gas,” said Jenkins, the ThreatLocker CEO. He cited larger IT budgets.
Jon DiMaggio, a former intelligence community analyst, agrees, saying: “There are far easier targets than banks that can pay just as much.”
However, DiMaggio worries the risk-reward calculus will be altered by the fact that some sophisticated hackers have recently begun using automation to dramatically speed up their attacks, making them harder to detect.
“It’s going to be a much greater threat to financial institutions,” said DiMaggio, chief security strategist at threat intelligence firm Analyst1.
To keep up with the bad guys, he urged banks to rely more on cyber defenses powered by artificial intelligence.
“As a threat hunter, I hate saying that because it puts guys like me out of a job,” he said.
Prudhomme, the IntSights executive, described it as a “constant cat-and-mouse game” between companies and hackers.
“Just when you develop a new defense and you think you’re squared away,” he said, “some actor will find a way to circumvent it.”