To bankers, Donald Trump's comments Wednesday encouraging Russian hackers were a bit like someone tweeting out the address to an already-packed party.
As it stands, the cybersecurity climate is an all-hands-on-deck situation, so one more threat — even one prompted by one of the loudest voices in the country — may not matter much.
"We know that our community bank is attacked every day by Russian, Chinese and North Korean cyber hacker teams and it is my understanding that every community bank and credit union in the U.S. is under a similar relentless daily attack," said Stephen Lange Ranzini, president of the $140 million-asset University Bank in Ann Arbor, Mich. "These attacks won't increase or decrease based on anything Donald Trump says."
-
Donald Trump's decision to embrace the reinstatement of the Glass-Steagall Act is part of an effort to cast him as the champion of community banks, according to his top advisers.
July 20 -
While surprised and alarmed by Donald Trump's decision to add the reinstatement of the 1930s-era banking law to the GOP platform, Republican lawmakers at the convention in Cleveland maintained that Trump is a better choice for the economy and the financial system. Here's why.
July 19 -
Sens. Bernie Sanders, D-Vt., and Elizabeth Warren, D-Mass., said presumptive Democratic presidential nominee Hillary Clinton will ensure big banks do not again threaten the financial system.
July 26
For those unfamiliar with the Republican presidential candidate's controversy du jour, Trump said Wednesday he hopes Russia hackers find 30,000 of Hillary Clinton's emails from when she was secretary of state. Political pundits pondered whether the remarks were treasonous or simply another example of Trump's bombastic style.
Like Ranzini, other bank executives said cybersecurity is an always-on priority, not one reactive to various threats.
"Cybersecurity is not like physical security where you can put more people on it," said Tim Lenhoff, chief technology officer at the $5.3 billion-asset Dime Community Bancshares. "Your cyber defense is your cyber defense and you can't ramp it up based on a news story, it should be ramped up all the time."
But others say banks should care about the Trump comments for that specific reason. Banks are already overwhelmed by threats — they certainly don't want someone actively encouraging an attack to the U.S. government.
"We're in the midst of a growing epidemic of cybercrime. To have anyone solicit this type of criminal activity against an individual or an organization is unlawful and appalling," said Edward J. McAndrew, a partner at the law firm of Ballard Spahr, who served for a decade as a federal cybercrime prosecutor and national security cyber specialist at the Department of Justice. "If this doesn't cross the line, it walks right up to the line of soliciting a serious federal felony."
Trump's comments related to emails from Hillary Clinton's personal server during her time as secretary of state, and were said in response to questions about Russia's potential involvement in hacks to the Democratic National Committee and posted by WikiLeaks last week.
That breach should matter to banks, too, McAndrew said.
"In that instance, we aren't just talking about emails concerning issues of political interest — these emails included social security numbers, credit card numbers and other personal information that is protected from disclosure by numerous federal and state laws," he said.
Others IT execs chalked Trump's comments up to sarcasm.
"It doesn't worry me…If he was actively doing something dangerous from a cybersecurity perspective I would have a different opinion," said an IT executive at a community bank in the Midwest. "When politicking I think everything needs to be taken with a grain of salt."
The executive added that the private email server Clinton had was more worrisome to him.
"The bigger cybersecurity concern to me is having an established political leader claiming ignorance and actively engaging in dangerous activity such as a private email server," the executive said. "If you took the [political affiliations] out of it and asked security professionals if having a private email server housing confidential information is concerning, everyone would say yes."
