Yazılar

Global regulators step up oversight of AI risks in finance

/in /tarafından

Global financial watchdogs are intensifying their scrutiny of artificial intelligence (AI) in the banking sector, warning that heavy reliance on shared AI systems could threaten financial stability. As the use of AI accelerates across global markets, regulators are moving to monitor systemic risks and strengthen their own technological capabilities.

In a report published Friday, the Financial Stability Board (FSB) — which advises G20 governments — said widespread adoption of the same AI models and infrastructure could create “herd-like behaviour” across financial institutions. “This heavy reliance can create vulnerabilities if there are few alternatives available,” the FSB cautioned, warning that such concentration could amplify shocks during market stress.

A separate study by the Bank for International Settlements (BIS) urged regulators and central banks to “raise their game” in monitoring and using AI. The BIS said authorities must not only understand AI’s potential to reshape markets but also adopt the technology themselves to improve supervision and data analysis.

The report comes amid an international race — led by the United States and China — to dominate next-generation AI tools and applications, including those that underpin financial services.

While the FSB said there is currently “little empirical evidence” that AI-driven correlations have directly impacted market outcomes, it warned that AI could increase exposure to cyberattacks and algorithmic fraud.

Some jurisdictions have already acted. The European Union’s Digital Operational Resilience Act (DORA), which took effect in January, establishes new rules for digital and AI-based systems used by financial institutions.

The emerging consensus among regulators is clear: AI promises efficiency and insight, but without vigilant oversight, it could become a new source of systemic risk in global finance.

Poland warns of surge in Russian cyberattacks on critical infrastructure

/in /tarafından

Poland is facing an unprecedented wave of cyberattacks, much of it traced to Russian military intelligence, according to the country’s digital affairs minister, Krzysztof Gawkowski. He told Reuters that Russia has tripled its cyber resources directed at Poland this year, targeting sectors vital to national security.

Of the 170,000 cyber incidents recorded in the first nine months of 2025, a “significant portion” was attributed to Russian state-linked actors, while the rest involved financially motivated cybercrime. Poland now faces 2,000–4,000 attacks daily, of which 700–1,000 pose real threats to key infrastructure, Gawkowski said.

The minister noted that Russian groups are expanding their focus beyond water and sewage systems to include energy networks, and warned that the activity is becoming more coordinated and sophisticated. “Russian activity is the most severe because it targets infrastructure essential to maintaining normal life,” he said.

A major escalation occurred on September 10, when a cyberattack coincided with a Russian drone strike, marking Poland’s largest coordinated digital assault since the start of the Ukraine war in 2022. False claims spread online that Ukraine had launched the drones, amplified by bot networks that had been dormant for years before suddenly reactivating.

Warsaw officials say Poland has become Russia’s top cyber target within NATO, due to its support for Kyiv and its strategic role in supplying Ukraine. The Russian embassy in Warsaw did not respond to requests for comment but has consistently denied involvement in cyber operations.

Google says over 100 firms likely hit in Oracle-linked hacking campaign

/in /tarafından

Google warned that more than 100 companies may have been compromised in a massive cyberattack targeting Oracle’s E-Business Suite, a core system used by corporations to manage supply chains, customer data, and manufacturing operations.

In a statement released Thursday, Google said “mass amounts of customer data” were stolen in the attack, which may have begun three months ago. The company attributed the breach to the CL0P ransomware group, known for large-scale cyber intrusions exploiting third-party software vulnerabilities.

“This level of investment suggests the threat actor dedicated significant resources to pre-attack research,” Google’s cybersecurity division said. Analyst Austin Larsen added that while dozens of victims have been confirmed, “based on the scale of previous CL0P campaigns, it is likely there are over a hundred.”

The breach appears to have targeted Oracle’s E-Business Suite, used by corporations worldwide to manage sensitive operations including logistics, customer relations, and payments. Oracle has not publicly commented beyond acknowledging ongoing extortion attempts against some clients.

CL0P, which has previously claimed responsibility for major data thefts, told Reuters earlier this week that Oracle had “bugged up their core product.” The group is reportedly threatening to publish stolen data unless ransom demands are met.

Cyber experts say the scale of the attack could rival the MOVEit hack of 2023, underlining the growing risk of supply chain breaches that exploit trusted enterprise software systems.