Ransomware attack on core banking
Cyber · Severe but plausible · all 8 in-scope services
A ransomware payload detonates inside the core banking estate at 02:10 during the nightly batch, encrypting application servers and the primary database cluster. Backups are intact, but restore-and-replay cannot begin until forensic clearance is given. The attacker claims exfiltration; regulators and law enforcement are engaged. Recovery time is deeply uncertain: forensic hold, staged restore, and integrity reconciliation each carry tail risk. All channels that read from or post to the core are affected from the opening of business.
The Monte Carlo executes in a Web Worker: the interface stays fully responsive while 10,000 iterations run.
Modal critical path: CoreBank Processing Platform
Modal critical path: CoreBank Processing Platform
Modal critical path: CoreBank Processing Platform
Modal critical path: CoreBank Processing Platform
Modal critical path: End-of-Day Batch Orchestrator
Modal critical path: CoreBank Processing Platform
Modal critical path: CoreBank Processing Platform
No breach-driving assets identified (service unaffected by this shock set).
Firms must test their ability to remain within impact tolerances under severe but plausible disruption scenarios, increasing sophistication over time.
Institutions test critical operations against severe but plausible scenarios, using results to assess whether tolerances would be breached and to remediate weaknesses.
A proportionate testing programme (including advanced threat-led testing for significant entities) validates the entity's ability to withstand ICT disruption.
Banks maintain and test business continuity plans under severe but plausible scenarios to continue delivering critical operations through disruption.
Expectations are paraphrased for demonstration; consult the source instruments for authoritative text.