As it is with most cases the views on the risks of cyber attacks, both perceived and real, vary between two groups of expert opinions. While some experts opine that cyber attacks are not only inevitable but imminent and could bring all sectors of the US economy to a standstill, others say that the threat of cyber risks have been blown out of proportion, as critical structures of the country are well protected. According to Richard Clarke (White House cyberspace advisor till 2003), as quoted in the Washington Monthly, 2002, companies know that they will lose a certain amount of revenue from cyber attack and since cyber attack is not considered to be an important threat, the amount spent on cyber security is even less than the amount spend on coffee in the office.
Financial institutions, which not only include banks and other depositories but also investment companies, insurers, security dealers, etc, comprise the critical financial sector of the US economy. As more and more of the financial sector is getting dependent on information technology, the risk of cyber attacks has become very real. In the President’s Commission on Critical Infrastructure Protection of 1996 and 1997, analysts clearly predicted the growing risk that the financial sector would be facing due to systems vulnerability. Almost every sector today works with data that is on the system rather than being physically on paper. This has not only increased the vulnerability of the sector but also made it more system-dependent.
Cyber attacks are taking various forms such as theft of credit cards, misuse of private information, and stealing of intellectual property; the estimated costs by way of financial loss was found to be approximately USD 200 billion in 2004. The Computer Emergency Readiness Team (CERT) reported 80,000 cases of cyber attacks on the financial, defense, aerospace and computing industries, among others, in March 2007.
Here is an example to