US federal agencies are taking the unusual step of sharing intelligence with foreign banks to bolster defences against potential cyber attacks in retaliation for the unprecedented economic sanctions imposed on Russia, according to people familiar with the briefings.
Officials typically brief US businesses on potential cyber threats but have tended to exclude companies headquartered in other countries even if they have sizeable US operations, regulators and industry sources said.
The co-operation with foreign banks underscores the collaboration between the US government and the global finance industry to enforce western sanctions against Russia due to its invasion of Ukraine and fend off potential retaliation by Moscow.
Briget Polichene, chief executive of the Institute of International Bankers, a Washington-based trade group that includes lenders like HSBC and Credit Suisse, said its “members are devoting all resources necessary to fully comply with the US sanctions being imposed against Russia”.
Foreign banks still were not being given access to classified information, said a lobbyist for a US arm of a large European bank, but US authorities have been declassifying information at a rapid pace that people in the banking industry have not seen before.
Federal agencies including the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency hosted briefing calls with executives last month. “Truly global” banks with a large presence in the country were in the room for the first time, said an executive at a large US bank.
The Office of Foreign Assets Control held a briefing for representatives of US subsidiaries of foreign banks in late March, the agency told the Financial Times. The agency is typically “very secretive” in terms of the information it shares with international banks, according to a person familiar with its modus operandi.
“The opportunity to meet with Ofac staff to better understand the various sanctions and their implications helps to ensure compliance with the letter and spirit of those measures,” said the IIB’s Polichene.
Financial groups have been on high alert for potential cyber attacks from Russia since the US government began briefing executives on potential sanctions earlier this year.
President Joe Biden told a recent meeting of the Business Roundtable, the corporate lobbying group, that a Russian cyber attack on the US was “coming” and said executives had a “patriotic obligation to invest as much as” possible in digital security.
So far, Russian cyber attacks have focused on Ukrainian agencies and infrastructure. Since the invasion began, there have been no significant actions against big banks operating in the US, according to a person who monitors the Financial Services Information Sharing and Analysis Center, or FS-ISAC, an industry wide-alert system for cyber threats.
Global banks have collaborated on cyber security efforts across borders for years using tools like FS-ISAC, but the US government has only recently started taking a more global approach, sources said.
“This is one of those areas where there’s actually really good collaboration, both industry talking to industry [and] industry talking to government,” Jon Pruzan, Morgan Stanley chief operating officer, said at a conference last month.
“To be frank, I think people are surprised that more hasn’t happened and it’s actually been quite quiet, but we are being very diligent.”