Executives and analysts reported that with the ongoing U.S. war with Iran, the U.S. financial services sector is increasingly becoming hyper-vigilant about the possibilities of cyberattacks, and the companies are increasing their efforts to keep track of threats, which tend to increase during times of geopolitical warfare.
The assassination of Iranian Supreme Leader Ali Khamenei over the weekend in an air attack has triggered a conflagration in the Middle East that shook markets around the world and raised the possibility of Iran-related cyberattacks targeting the U.S. financial services sector.
Industry data indicated that the financial services sector is one of the first to prioritize cybersecurity, operating essential U.S. infrastructure, including payments, clearing and settlement systems, and trading platforms and Treasury markets, making it a prime target of cyberattacks.
“The industry remains vigilant and ready to respond to cyber threats at all times, and especially when global cybersecurity risks are heightened,” said Todd Klessman, managing director for financial services cyber and technology at industry group SIFMA, which runs an annual exercise to ensure financial firms can operate through significant cyber emergencies.
Klessman stated, “We continue to monitor the current situation with a focus on operational resilience, which is foundational to the integrity and stability of the U.S. capital markets.”
A second senior banking industry representative added that lenders are extremely worried about the potential of cyberattacks, which they regard as probable.
A U.S. intelligence assessment reported by Reuters on Monday suggested that low-level cyberattacks could be perpetrated by Iran-aligned “hacktivists” against U.S. networks, including distributed denial-of-service attacks (DDoS), in which malicious actors flood a targeted server with a deluge of internet traffic.
Credit rating agency Morningstar DBRS told on Tuesday that the most notable risks to global banks and asset managers would be indirect, such as sustained higher oil prices and shocks to borrowers, but that cyber risks might also increase.
The credit rating agency added that “Iran could increase its cyberattacks against Western entities, including banks.”
The geopolitical advisory team of U.S. investment bank Lazard also raised the issue of cyber risks last week, stating that Iran has already been willing to use a cyber capability against commercially-oriented targets, including financial systems.
A report by the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry consortium, in 2025 estimates that the financial services sector was the most targeted by DDoS attacks in 2024 and that the Hamas-Israel and Russia-Ukraine wars encouraged a rise in hacktivism.
Although the industry has not experienced a significant disturbance in the recent past through a hostile attack, smaller-scale DDOS attacks and ransomware attacks have triggered a breakdown of pockets of the market.
A 2023 ransomware attack on the U.S. broker‑dealer unit of Industrial and Commercial Bank of China caused a settlement of certain trades in the U.S. Treasury. A spokesperson for FS-ISAC did not immediately provide a comment.
