Cyberattacks hold ‘potentially significant impact’ on countries’ credit ratings: Fitch Report

Cyberattacks hold ‘potentially significant impact’ on countries’ credit ratings: Fitch Report
Representational imageCanva
  • Cyberattacks are a growing risk with countries devoting more resources to defend against them.
  • The research firm says that cyberattacks carry a tail risk with “potentially significant impact” on creditworthiness.
  • Rich countries, countries with lower preparedness and those with geopolitical tensions are amongst the top targets of cyber attackers.
Cyberattacks are a growing risk with countries devoting more resources to defend against them, according to a report by Fitch Ratings. The research firm says that cyberattacks carry a tail risk that could have a major impact on the creditworthiness of victim countries.

“Ranked alongside other sovereign creditworthiness drivers, the risk of a severe cyberattack is a tail risk, a low probability event but with potentially significant impact,” said a report by Fitch Ratings.

Tail risk refers to the chance of a loss occurring due to a rare event, based on predictions using a probability distribution.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More
Countries with little capability to defend against cyberattacks are at a higher risk, as seen in the 2022 ransomware attack on Costa Rica, which is said to have caused losses to the tune of $30 million per day.

“Cyberattacks constitute a relevant and growing concern for sovereigns. However, their tail risk nature and lack of historical precedents make them a hard risk to predict and measure,” said Charles Seville, senior director, Fitch Ratings.


The unpredictability of cyberattacks has meant that determining the exact impact of these events on the countries’ creditworthiness is difficult, more so when these attacks have not had a substantial impact on countries’ ability to repay liabilities. This is also why cyberattacks have not figured so far in ratings action by Fitch, the firm says.

The Fitch report also stated that most of these attacks have caused limited damage and have not affected economies sufficiently, so far, to show up in statistics.

Countries with geopolitical tensions, low preparedness among top targets

According to the research firm, countries facing geopolitical tensions and those with low preparedness against cyberattacks are amongst the top targets.

For instance, after talks between US and Russia failed on Ukraine’s future in NATO, cyber attackers took down more than a dozen Ukrainian government websites. Ukrainian officials pegged the number at 70, although most of the websites were restored within an hour of the attack.

A month later, as tensions between Russia and Ukraine continued to escalate, cyber attackers again took down multiple Ukrainian government and bank websites, days before Russia’s full-scale invasion of Ukraine.

Further underlining how geopolitical tensions have led to an increased incidence of cyberattacks, Russia, China and the US are the top three countries facing cyberattacks, according to real-time data from security firm Kaspersky. Tensions between the US on one hand, and Russia and China on the other hand, have been elevated for a while now.

Richer countries and countries with weak cyber security also make for tempting targets, according to Fitch.

While attacking developed economies could give the hackers a bigger payday, these economies have stronger buffers to prepare against these attacks and test contingency plans to deal with the fallout.

Earlier in October, a pro-Russian hacker group ‘Killnet’ was reportedly behind a cyberattack against more than a dozen US airport websites, but the hackers only managed to create temporary inconvenience.

‘Profit is the most common motive’

A big payday is the most common motive for cyber attackers, according to the report.

“As the case of the 2022 ransomware attack on neutral Costa Rica demonstrates, they can strike anywhere and profit is the most common motive,” the report added.

Cryptocurrency hacks, for instance, have resulted in over $2 billion worth of cryptocurrencies being stolen by hackers in 2022 alone. This includes high-profile attacks like the one on Binance, the world’s largest cryptocurrency exchange by volume – hackers stole $570 million from a blockchain linked with Binance in October this year.

From a sovereign perspective, too, the treasury and central banks are the most critical targets, according to the report – for instance, hackers stole $81 million from the Bank of Bangladesh’ forex reserves, making it the most high-profile attack on a central bank.


CBDC trial a landmark moment in the history of money: Shaktikanta Das

10 things to know about Fusion Micro Finance IPO that opens from Nov 2 to Nov 4

Markets turn choppy ahead of US Fed monetary policy outcome