This month there have been reports of denial-of-service attacks on giant U.S.-based banks. Attacks have been confirmed at Bank of America, Wells Fargo, Ally Financial, and others, and there were surely targets we don’t know about. Targets of denial-of-service attacks cannot always detect the extra transaction load, and if they do, they may not be prepared to go public with the information they have. Defense Secretary Leon Panetta referred to the series of attacks in a recent speech on securing essential infrastructure, such as water supplies and railroads, from cyberattack. The most specific information comes from PNC, whose CEO James Rohr told CNBC his bank’s servers were “pummeled” for 38 hours and the threat of attacks was having an impact on operations.
Cyberattacks are a very real, living thing and if we think we are safe that way, we’re just kidding ourselves. It’s true throughout the country and in different industries, too.
Based on the information that is known so far, network software experts have assured me that the scale of the attacks on the banks has been greatly exaggerated. The real problem, they say, is what Panetta and Rohr alluded to in their comments, that banks are not used to thinking of their operations as potential targets for attacks. It is probably just as well that banks have put a greater emphasis in recent years on securing customer data from loss, as the denial-of-service attacks were almost certainly coordinated with break-in attempts that would exploit software flaws in overloaded servers in order to gain access to account numbers and other sensitive data. Those attempts would fail if the files in question were adequately encrypted.
The financial incentive for this kind of large-scale break-in attempt is centered in the organizations that are already involved in high finance, such as Wall Street banks and sovereign wealth funds, but it is hard to imagine any of them attempting something so disruptive. There has been official speculation that the attacks might originate in Iran, and the theory of a hit-and-run attack from a spiteful foreign government can’t be completely discounted.
The banking giants have reported better-than-expected earnings for the latest quarter, but investors are taking the earnings reports with grain of salt, and for good reason. The reported profits are based in part on projections of a steady increase in real estate values over the next two years, a hypothetical trend that other economists dismiss as unlikely. A wave of home mortgage refinance activity also contributed to some banks’ profits, but that refi boom may have ended already, and the resulting mortgages add more risk to the banks’ already awkward balance sheets.
There has been more political talk of reining in the giant banks. It was the RBS acquisition of failing Dutch bank ABN Amro in 2008 that brought RBS to the brink of insolvency and led to a taxpayer-funded bailout. Now a parliament report is saying the Financial Services Authority (FSA) could have blocked that acquisition. The report calls for the new Prudential Regulation Authority (PRA) to consider the financial impact of every bank merger, and for legislation to ban some kinds of mergers, particularly hostile takeovers of banks by owners of other banks. In the United States, two senators have sent a letter to regulators calling for higher capital levels than the latest international treaty requires. Separately, former FDIC chief Sheila Bair has explained how Citibank could have been broken up in 2008 or 2009, preventing some of the stress that has happened there in the years since.
Spain is expected to formally request a bank bailout at this weekend’s European summit. No action is expected on the request until next year.
Update: Based on where we are in the political calendar, I wasn’t expecting bank closings, but one popped up almost as soon as I posted. State banking regulators closed GulfSouth Private Bank, with $151 million in deposits and four offices in Destin, Fort Walton Beach, Pensacola and Santa Rosa Beach in the western Florida panhandle. Deposits are being transferred to Tennessee-based SmartBank, which is also purchasing the assets.
The Treasury lost 90 percent of its $7.5 million TARP bailout of the failed bank.
The second bank closing at closing time was First East Side Savings Bank, with one location in Tamarac, Florida and $66 million in deposits. The deposits are being transferred to Minnesota-based Stearns Bank, which has acquired a number of failed banks over the last two years.
In Missouri, state regulators closed Excel Bank, with $187 million in deposits and four locations. Simmons First National Bank is taking over the deposits and purchasing the assets.