US financial firms are on cyber alert as geopolitical tensions rise following the unfolding US war in Iran, with banks and market operators stepping up monitoring for threats that often increase during conflict, executives and analysts say.
The killing of Iranian Supreme Leader Syed Ali Khamenei in an air strike last weekend has intensified regional instability, rattled markets and heightened concerns about potential Iran-linked cyber activity aimed at US financial services.
Financial firms are frequent targets because the sector operates critical infrastructure, including payments, clearing and settlement systems, trading platforms, and key Treasury market functions.
US Financial Firms on Cyber Alert as Geopolitical Risks Rise
Industry officials say vigilance is already standard practice, but firms are intensifying monitoring and readiness as global cyber risk climbs.
Todd Klessman, managing director for financial services cyber and technology at SIFMA, said the industry remains ready to respond to cyber threats at all times, especially during periods of heightened risk. He added that operational resilience is foundational to the integrity and stability of US capital markets.
Just before the US strike on Iran, a surge of suspiciously timed bets on prediction markets triggered fresh insider trading alarms. Funds that let investors mirror the stock trades of Congress are under scrutiny. Tidal Financial Group’s Dan Weiskopf said ‘the grift continues’ pic.twitter.com/LlCnEsmJDs
— Reuters (@Reuters) March 3, 2026Another senior banking official said lenders are concerned about the likelihood of cyberattacks, given the current environment.
What types of attacks are on the radar?
A US intelligence assessment cited in reporting said Iran-aligned “hacktivists” could attempt low-level cyberattacks against US networks, including distributed denial-of-service (DDoS) attacks. These attacks aim to overwhelm servers with a flood of internet traffic, disrupting service access.
Morningstar DBRS warned that the biggest risks to global banks and asset managers could be indirect, such as sustained higher oil prices and broader shocks to borrowers, but also said cyber risks could rise if Iran escalates attacks against Western entities, including banks.
Lazard’s geopolitical advisory team also flagged cyber risk, noting Iran has demonstrated a willingness to deploy cyber capabilities against commercial targets, including financial systems.
While the US financial system has not recently seen a major market-wide breakdown caused by hostile cyber activity, smaller DDoS and ransomware incidents have disrupted parts of the market.
Read: Trump, Rubio Contradict Rationale for US Entry Into Iran War
One example cited was a 2023 ransomware attack on the US broker-dealer unit of Industrial and Commercial Bank of China, which disrupted settlement of some US Treasury trades.
A 2025 FS-ISAC report also said the financial services sector was the top target of DDoS attacks in 2024, with global conflicts fueling a surge in hacktivism.
As tensions persist, firms are focusing on continuity planning, rapid detection and response, and the ability to keep core market functions operating even under stress.
