In This Story
A new partnership between the Treasury Department and Wall Street banks looks to curb the threat of cyber attacks on the U.S. financial system.
The public-private alliance, dubbed Project Fortress, is part of the Treasury’s ongoing efforts to strengthen the security and resilience of the financial services sector amid rising threats from cyber criminals and other bad actors.
According to a letter sent by Deputy Treasury Secretary Wally Adeyemo to several banking groups, seen by Quartz, Project Fortress will include a mix of defensive and offensive actions, including the use of the Treasury’s national security team and law enforcement that will “make clear to our adversaries that they will face consequences for their attacks.”
Banks will also have the option to enroll in a “cyber hygiene” tool, which automatically scans firms for cybersecurity vulnerabilities, and an automated threat feed that aggregates indicators from federal agencies, international partners, and other financial institutions.
“The key to the success of Project Fortress is building on our public-private partnership,” Adeyemo wrote. “The more information we share with each other, the stronger our tools — both defensive and offensive — will be.”
The project will provide the financial services sector with free tools developed by the Treasury to help combat cyber threats, according to the American Bankers Association, which is hosting a webinar for banks and other members on June 6.
“The message to bad actors who want to use cyberspace to go after US financial institutions is: We are watching, we are protecting the system and we will come after you if you go after the US financial system,” one U.S. official told CNN. A source also told CNN that the department has already begun introducing parts of the program in bits and pieces over the last several months, while the Treasury continued to develop the project.
In early 2021, the International Monetary Fund warned that malicious actors “pose a growing threat to the global financial system, financial stability, and confidence in the integrity of the system,” given the increasingly digitized global financial system.
Financial institutions worldwide saw the second-highest number of reports of data breaches last year, according to cybersecurity firm SentinelOne. And the threat is on the rise, with the rate of ransomware attacks on financial services rising to 64% in 2023, nearly double the 34% reported in 2021.
These breaches can have serious consequences, both for customer data and for the institutions themselves. Losses incurred by financial organizations last year amounted to approximately $5.9 million per cyber incident, software company Positive Technologies estimated.