Viewing as:

Ransomware attack on core banking

Cyber · Severe but plausible · all 8 in-scope services

Scenario narrative

A ransomware payload detonates inside the core banking estate at 02:10 during the nightly batch, encrypting application servers and the primary database cluster. Backups are intact but restoration requires forensic clearance before restore-and-replay can begin. The attacker claims exfiltration; regulators and law enforcement are engaged. Recovery time is deeply uncertain: forensic hold, staged restore, and integrity reconciliation each carry tail risk. All channels that read or post to the core are affected from opening of business.

Shock set
CoreBank Processing Platform
applicationstochastic outage: lognormal (median ≈ 12h)
End-of-Day Batch Orchestrator
applicationstochastic outage: lognormal (median ≈ 10h)
Run simulation

The Examiner persona is read-only — switch to any operating role to launch a live run. The Monte Carlo executes in a Web Worker: the interface stays fully responsive while 10,000 iterations run.

Monte Carlo · 10,000 iterations · seed 20260101Standard day vs peak/stress day shown side by side; the amber figure is the probability of entering the EWI zone.
Debit Card Authorization
100%
breach probability
100%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Authorization restorationceiling 30m
Standard
100%
Peak day
100%
Declined genuine transactionsceiling 75,000 transactions
Standard
100%
Peak day
100%
3h
p50
3h
p90
3h
p95
3h
p99
Disruption duration distribution(amber = EWI 66% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

Domestic Wire Payments
99%
breach probability
100%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Wire service restorationceiling 4h
Standard
0%
Peak day
0%
Failed outbound wiresceiling 500 wires
Standard
99%
Peak day
100%
Delayed wire valueceiling $250.0M
Standard
98%
Peak day
100%
3h
p50
3h
p90
3h
p95
3h
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

Online & Mobile Banking
97%
breach probability
99%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Digital channel restorationceiling 2h
Standard
0%
Peak day
0%
Failed customer sessionsceiling 100,000 sessions
Standard
97%
Peak day
100%
1h
p50
1h
p90
1h
p95
1h
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

ACH Origination & Receipt
87%
breach probability
93%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
ACH window recoveryceiling 8h
Standard
0%
Peak day
0%
Delayed ACH entriesceiling 50,000 entries
Standard
87%
Peak day
96%
1h 15m
p50
1h 15m
p90
1h 15m
p95
1h 15m
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

End-of-Day Core Processing
74%
breach probability
87%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Batch completion deadlineceiling 6h
Standard
74%
Peak day
74%
Missed batch cyclesceiling 1 batch cycles
Standard
14%
Peak day
14%
10h
p50
1d 4h
p90
1d 13h
p95
2d 18h
p99
Disruption duration distribution(amber = EWI 66% · red = tolerance)
Asset contribution to breach
End-of-Day Batch Orchestrator100%

Modal critical path: End-of-Day Batch Orchestrator

Branch & ATM Cash Access
41%
breach probability
53%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Cash access network restorationceiling 1d
Standard
0%
Peak day
0%
Failed cash withdrawalsceiling 25,000 withdrawals
Standard
41%
Peak day
61%
30m
p50
30m
p90
30m
p95
30m
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

Commercial Cash Management Portal
38%
breach probability
54%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Portal restorationceiling 4h
Standard
0%
Peak day
0%
Delayed corporate payment valueceiling $500.0M
Standard
38%
Peak day
61%
1h 45m
p50
1h 45m
p90
1h 45m
p95
1h 45m
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach
CoreBank Processing Platform100%

Modal critical path: CoreBank Processing Platform

Mortgage Servicing Payments Processing
0%
breach probability
0%
amber (EWI) entry
Tolerance breach probability — standard vs peak day
Payment application recoveryceiling 2d
Standard
0%
Peak day
0%
Misapplied or delayed paymentsceiling 5,000 payments
Standard
0%
Peak day
0%
0m
p50
0m
p90
0m
p95
0m
p99
Disruption duration distribution(amber = EWI 75% · red = tolerance)
Asset contribution to breach

No breach-driving assets identified (service unaffected by this shock set).

Regulatory basis
PRA-SS1/21Scenario testingSS1/21 §5

Firms must test their ability to remain within impact tolerances under severe but plausible disruption scenarios, increasing sophistication over time.

OSFI-E21Scenario testing of resilienceE-21 §6

Institutions test critical operations against severe but plausible scenarios, using results to assess whether tolerances would be breached and to remediate weaknesses.

EU-DORADigital operational resilience testingDORA Art.24-26

A proportionate testing programme (including advanced threat-led testing for significant entities) validates the entity's ability to withstand ICT disruption.

BCBS-PORBusiness continuity planning & testingPOR P3

Banks maintain and test business continuity plans under severe but plausible scenarios to continue delivering critical operations through disruption.

Expectations are paraphrased for demonstration; consult the source instruments for authoritative text.

Global search

Search services, processes, assets, scenarios, vulnerabilities, and regulatory provisions