Were subject to cyberattacks in the financial industry in 67% of cases. This was reported at the XXV All-Russian Banking Conference by Olga Yarygina, Deputy Chairman of the Board of JSC Bank 131.
“In 2024, 67% of cyberattacks were
committed on API gateways of neobanks. However, not all attacks were successful. Banks are good at repelling them. Nevertheless, the risk exists, and it must be managed efficiently with the help of the regulator and credit institutions,” Olga Yarygina noted.
Despite the high percentage of cyberattacks, financial industry players are confident in the safety of implementing open APIs (program interfaces). Mikhail Myznikov, Advisor to the Department of the National Payment System of the Bank of Russia, believes that this will require the efforts of all market participants: “We analyzed the European
experience of maintaining open APIs.
And of course, we took it into account, but how good it is is a big question. I am sure that our implementation of open list to data APIs will be better than in Europe. Of course, there are risks, and they are very large. But the industry itself – the banks that accept these risks – should play an important role in the development of open APIs. We have very large projects that are carried out not within the walls of the regulator, but on the platforms of market participants. And we strongly encourage the participation of a larger number of banks with different experience and understanding of risks in this process.”
“The regulator, of course, sometimes
causes some discomfort to banks. But at the same time, it approaches cybersecurity issues in the financial sector very well. All the measures that the Bank of Russia takes in this direction will not become an obstacle to the implementation of new technologies. In any case, we will come to open APIs. We just need to manage technologies competently. And responsibility for cybersecurity primarily lies with the clients themselves, who always need to be vigilant,” Olga Yarygina added.
Deputy Head of the Department advantages of influencer marketing: for Interaction with Government Agencies at Tochka JSC Gleb Zhizhanov spoke about the security of open APIs using the example of a digital bank: “We are a digital bank, we do not have offices. We serve clients through remote channels. And our fraud and deception rates are several times lower than the market average. This suggests dating data that remote digital channels and technologies can also be safe. You just need to choose the right risk management model and put security interests above immediate convenience and profit. Therefore, open APIs are simply a new technology for which you need to choose adequate risk mitigation measures.”