Major U.S. banks have been cooperating with the Department of Treasury in its efforts to prevent cyberattacks by engaging in a simulation exercise involving role play and shared information, Bloomberg reported. The concern arises from Russia’s invasion of Ukraine; Treasury believes that Russia could engage in a cyberattack against U.S. banks. And even if minor banks or third-party service providers are targeted, such an attack could imperil everyone in a highly connected system. 

According to Bloomberg, Treasury officials gathered executives of several top banks late last month and practiced how they would reach one another and work together across a range of cyberattack scenarios. The exercise included JPMorgan Chase & Co., Bank of America Corp. and Morgan Stanley. It ran through five hypothetical threat levels, ranging from minor assaults to a full-scale onslaught on multiple banks and critical payment systems. 

Bloomberg interviewed Todd Conklin, a counselor to the Treasury’s No. 2 official, Deputy Secretary Wally Adeyemo. He said, “Once we knew where we were going to land with some of the initial sanctions packages [against Russia] by the end of 2021 and how severe they were going to be, we knew we had to update our incident-response playbooks and work with the sector to increase intel sharing.” He added, “Telling them ‘shields-up’ without providing additional support and intel sharing isn’t that helpful. It’s making sure, if something does happen, we have a plan in place for a collective response.”  

Because Treasury is more than a regulator, it must also defend itself against cyberattacks. The department issues U.S. government debt and the Federal Reserve is an interbank payments provider, and its systems can be subject to attack 

In the 2020 SolarWinds attack, Russian hackers used a compromised piece of software to gain access to nearly 18,000 computer systems at more than 100 companies and nine federal government agencies, including the Treasury, Homeland Security and the State Department. After that attack, Treasury began fortifying its own defenses. It has made major investments  to modernize its information technology, advance encryption technology and rebuild its entire email system. As Russian was preparing to invade Ukraine, the department shortened its timeline for this project, from three years to six months. For the upcoming fiscal year, the Treasury has asked for an increase of $135 million for departmentwide investments in cybersecurity. 

Although Russia has so far not responded to sanctions with an attack on the United States, Adeyemo warned that risks are always present. “There are, every day, actors of all kinds who are trying to penetrate or trying to take advantage of our financial system, or the regulatory system,” he said. “Regardless of what happened yesterday, we have to be equally as vigilant as we were the day before.”