US financial institutions are intensifying cybersecurity monitoring amid rising geopolitical tensions following the assassination of Iranian Supreme Leader Ali Khamenei, with industry executives warning of an elevated risk of cyberattacks. Banks, asset managers, and other critical financial services firms are stepping up defenses as concerns grow that Iran-aligned actors could target the United States’ financial infrastructure during the ongoing conflict. The US financial sector operates systems central to the functioning of the economy, including payment networks, clearing and settlement platforms, trading systems, and Treasury markets, making it a prime target for potential cyber incidents during periods of heightened international conflict.
Officials from industry group Securities Industry and Financial Markets Association, SIFMA, emphasized that financial firms remain vigilant, routinely preparing for cyber emergencies and continuously monitoring emerging threats. Todd Klessman, SIFMA’s managing director for financial services, cyber, and technology, highlighted that operational resilience is critical to maintaining stability in US capital markets. Firms are coordinating internally and externally to ensure continuity of operations, with emphasis on rapidly identifying, responding to, and mitigating cyber risks that may arise from the escalation of hostilities in the Middle East. Senior banking executives also note that the likelihood of cyberattacks is significant, even if initial operations are limited in scale.
US intelligence assessments indicate that Iran-aligned hacktivist groups could carry out low-level cyberattacks, including distributed denial-of-service attacks designed to overwhelm servers with traffic. While indirect economic effects such as oil price volatility and market shocks remain the most immediate risks, credit rating agency Morningstar DBRS warned that cyber risks could also increase, particularly against financial networks. Investment bank Lazard’s geopolitical advisory team also flagged the potential for attacks targeting commercial entities, noting Iran’s demonstrated capability and willingness to deploy cyber operations against financial systems. These warnings come against a backdrop of previous disruptions, including ransomware and DDoS incidents that have affected smaller segments of the market, such as a 2023 attack on the US broker-dealer unit of Industrial and Commercial Bank of China, which delayed settlement of Treasury trades.
Historical trends underline the sector’s vulnerability during conflict periods. FS-ISAC, the Financial Services Information Sharing and Analysis Centre, reported in 2025 that financial services were the top target of DDoS attacks in 2024, with regional conflicts like the Hamas-Israel and Russia-Ukraine wars fueling hacktivist activity. Current measures include sharing intelligence across organizations, implementing stronger access controls, and coordinating with government agencies to ensure up-to-date guidance is available for threat mitigation. FS-ISAC emphasized the importance of maintaining secure communications and threat visibility across the ecosystem to protect the global financial system and maintain operational continuity as tensions in the Middle East continue to evolve.
Financial firms are closely monitoring the situation, reinforcing defenses, and preparing for potential disruptions to critical services, reflecting a proactive approach to cyber risk management amid ongoing international conflict.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
