Opening Remarks
Sadly, it has become an undeniable reality that the traditional boundaries between conventional warfare and economic statecraft are rapidly dissolving. Cyber security and financial warfare have evolved into critical instruments of geopolitical influence and power projection, with significant implications for nations like Australia. The interconnectedness of global financial markets and digital infrastructure makes them prime targets and instruments in modern conflict. The analysis below aims to examine the key dimensions of this convergence, with a specific focus on Australia’s strategic posture and inherent vulnerabilities, these learnings are drawn from my experiences across the finance, cyber, defence and national security industries but leverage no classified or confidential information.
Financial markets are vital for the smooth functioning of economies, serving as marketplaces for trading securities and allocating resources. However, they are also vulnerable to cyberattacks. The intersection of these domains creates a complex landscape where cyber threats can destabilise financial systems and financial tools can be weaponised for geopolitical gain.
Cyber Threats Targeting Financial Markets
The financial sector represents an increasingly attractive target for both cybercriminals and state-sponsored entities, owing to its concentration of sensitive data and high-value transactions. Cybercrime for financial gain, includes activities like phishing, ransomware attacks, and exploitation of vulnerabilities in payment systems. State-sponsored attacks, on the other hand, may aim for financial gain, espionage, disruption, or power projection. Such attacks can severely disrupt market operations, compromise stability, and undermine public confidence, resulting in significant financial losses and/or operational paralysis. It’s incredibly scary that an organised attack can lead to devasting primary and second order effects should it not be purely for financial gain.
For Australia, these threats are particularly relevant.
The Australian financial sector faces escalating cyber risks. Banks, investment firms, and payment processors are all potential targets (as a small example). A major cyber incident could disrupt critical financial infrastructure, leading to broader financial stability implications. I believe we all know something of this nature is coming, the broader question is, when? A prime example of this is, the Australian Cyber Security Centre (ACSC) has repeatedly warned of the increasing sophistication and frequency of cyberattacks targeting Australian entities, including those in the financial sector.
E.g. The Medibank Private Data Breach (2022)
Although not a financial institution in the traditional sense, the Medibank Private data breach in 2022 serves as a stark reminder of the vulnerabilities in Australia’s digital ecosystem. Millions of customers’ personal and health data were compromised, leading to significant financial and reputational damage. This incident starkly illustrated the critical importance of robust data protection measures and the profound repercussions of cyberattacks on Australian organisations. It also underscored the cascading effects of such breaches, as the stolen data could be used for identity theft and financial fraud.
NB: Medibank Private Ltd (ASX: MPL) shares plummeted 18% on the first day of the breach. This represents over AUD $1.7billion dollars of value! A lot of those shareholders were average Australian families and retirement funds.
Financial Markets as Instruments of National Security and Geopolitics
What I task the reader with, is to recognise that financial markets serve not only as potential targets but also as strategic instruments in the pursuit of national security objectives and geopolitical influence. Economic statecraft, which encompasses the strategic use of economic measures, such as financial sanctions and trade policies, to achieve foreign policy objectives. Financial sanctions, administered by agencies like the U.S. Office of Foreign Assets Control (OFAC), can be used to deter undesirable actions, coerce targets, and enforce international norms.
Australia, as a close ally of the United States and a participant in international sanctions regimes, is involved in this arena. The use of sanctions against entities involved in malicious cyber activities or those undermining international security has implications for Australian businesses and financial institutions. Compliance with these sanctions is crucial, and any breaches can lead to significant penalties.
Australia’s Strategic Considerations
For Australia, a middle power with a strong economy and close ties to the global financial system, the nexus of cybersecurity and financial warfare presents both opportunities and challenges. Strengthening cybersecurity resilience especially within Australia, is of paramount importance. This includes strengthening the cyber defences of financial institutions, improving information sharing mechanisms, and investing in cyber skills and awareness.
Australia must also maintain a posture of readiness to employ financial instruments as part of its geopolitical strategy. This necessitates a thorough understanding of sanctions regimes, the development of rigorous compliance frameworks, and the diversification of economic partnerships to mitigate strategic exposure. Additionally, we should continue to work with international partners to establish norms and rules for responsible state behaviour in cyberspace and the financial domain.
Plainly spoken, the entanglement of cybersecurity and financial warfare is a critical issue for Australia.
Through the fortification of cyber defences, a nuanced understanding of financial instruments as strategic assets, and sustained engagement with international allies, Australia can effectively navigate this complex domain and safeguard its national security objectives. The case studies of the Medibank Private data breach highlight the real-world implications of these issues and the need for proactive and comprehensive strategies.
In my upcoming piece for KBI, I’ll be unpacking the real-world financial fallout of cyberattacks on public companies. Drawing on high-profile cases like the 2018 Marriott International (NASDAQ: MAR) data breach, I’ll explore how events like these impact shareholder value and “why markets consistently react with sharp declines following major breaches or ransomware incidents.”
