Russian Banks Step Up Defenses Against Cyber Risks
Attackers are increasingly targeting banks through external contractors, but financial institutions are adapting to the threat
In 2025, Russian banks increasingly recorded cyber incidents whose source was not their own systems, but external contractors. These include software developers, systems integrators, cloud service providers, and other IT vendors.
The growing number of digital connections has made supply chains one of the most vulnerable points in the financial infrastructure.
Credentials Under Threat
According to industry research and assessments by information security firms, a significant share of attacks begin with the compromise of contractors’ credentials or misconfigurations in external services. Through these channels, attackers gain access to corporate networks, management systems, or customer data. The more complex the ecosystem, the higher the risk that the weakest link lies outside the bank’s own IT perimeter.
Supplier Audits
Banks are responding by revising their models of cooperation with partners. They are tightening information security requirements in contracts, introducing mandatory supplier audits, and expanding oversight of cloud services.
Security teams are also conducting regular tests aimed at simulating external intrusion into internal networks. Tools for continuous monitoring of access and behavior linked to external accounts are being used more frequently.
Reducing Excessive Privileges
A separate focus is being placed on access rights management. Banks are cutting back excessive privileges by applying the principle of least privilege and strengthening multi-factor authentication for contractors. This reduces the likelihood that a single mistake escalates into a large-scale incident.
A Holistic Approach
Experts say that in 2026, banks’ approach to cybersecurity will become more holistic. The boundaries between internal and external IT environments will effectively disappear. Everything connected to business processes will be treated as part of a single protected system. This “tectonic” shift will make managing the entire digital ecosystem as important as defending banks’ own servers.
As a result, banks are moving from point solutions to a managed-risk model. This allows them to expand partner-driven IT services with greater confidence, without increasing the risk of missing a cyberattack.
