You might be using an unsupported or outdated browser. To get the best possible experience please use the latest version of Chrome, Firefox, Safari, or Microsoft Edge to view this website.

The western allies have implemented unprecedented, crushing sanctions against Russia since it invaded Ukraine two weeks ago. Their impact on the Russian economy has been severe, but many experts fear the Kremlin could retaliate with cyberattacks.

Reuters reports that U.S. banks are preparing for Russian cyberattacks, although other reports suggest that Russia is likely still weighing its options. During a press briefing on March 5, White House press secretary Jen Psaki said the U.S. is prepared if cyberattacks do happen.

How real is the threat of cyberattacks—and can you trust your bank to protect your money and your personal information? We spoke with experts to learn more.

Russia has already demonstrated its ability to engage in direct cyberattacks against governments, including Ukraine.

In 2015, Russian hackers breached the Ukrainian power grid, resulting in nationwide outages. In 2017, it installed malware on Ukraine’s accounting software, which spread across the world and caused billions in dollars in damages and disruption.

“The Russian government understands that disabling or destroying critical infrastructure—including power and communications—can augment pressure on a country’s government, military and population and accelerate their acceding to Russian objectives,” reads guidance from the Cybersecurity & Infrastructure Security Agency (CISA), a federal agency.

As the situation has intensified, U.S. officials have expressed concern that Russia could deploy cyberwarfare attacks on government or corporate targets in the West.

“Russia’s unprovoked attack on Ukraine, which has been accompanied by cyber-attacks on the Ukrainian government and critical infrastructure organizations, may have consequences for our own nation’s critical infrastructure, a potential we’ve been warning about for months,” reads the statement from CISA.

Though there may be a heightened sense of alert right now, cyberattacks on banks aren’t new; even in times of peace, financial systems are regular targets and already have experienced breaches.

In 2021, Chase Bank, Morgan Stanley, Robinhood and other financial institutions reported either falling victim to data breaches or experiencing phishing attempts, according to the Carnegie Endowment for International Peace.

Large-scale cyberattacks aim to disrupt economies; small-scale ones focus on stealing from consumers; experts say Russia is capable of both. Hackers that target banks are usually after personal data that can be used to impersonate someone and gain access to things like bank accounts, says Stephan Gonzalez, vice president of technology risk at Achieva Credit Union.

“It all comes down to money, some way or another,” Gonzalez says. “And no consumer is too small for an attack.”

Large-scale cyberattacks aim to cause as much damage as possible, says Lal, usually by crippling infrastructure or aspects of the economy. A recent example includes the Colonial Pipeline incident, where Russian-affiliated hackers took down the largest fuel pipeline in the country, leading to fuel shortages along the East Coast. The hack was accomplished with a single compromised password.

Experts are using the threat of Russian cyberattacks as an opportunity to remind consumers and businesses that these threats aren’t new—and they need to be vigilant in protecting themselves.

“This is a real threat that’s here to stay, and it’s not just because we have an incident currently going on in Russia and Ukraine,” says Anurag Lal, VP and CEO of Netsfere and former director of the U.S. National Broadband Task Force for the FCC under President Obama.

The financial services industry is intertwined and if one part is hacked, it can have ripple effects that negatively impacts other parts. If payment processors were taken offline by an attack, for example, stock exchange transactions would come to a halt. If third-party providers, such as data storage services or electric utilities were compromised, millions of people and businesses could lose power.

Since they’re regularly targeted, financial systems spend a lot of money preparing for and guarding against attacks. In November 2021, the Securities Industry and Financial Markets Association, a trade association, led a global ransomware drill to practice fighting against such attacks. The drill included over 240 public and private sector institutions, including financial firms and central banks.

Big banks allocate hefty percentages of their budget toward cybersecurity; Bank of America, for example, spends $1 billion annually on its cybersecurity efforts.

A large-scale cyberattack sounds scary, and in most cases, there’s little you can do to protect yourself from being exposed to its consequences. Experts say consumers should be more concerned about smaller-scale attacks, especially when it comes to keeping their personal data safe.

Knowing how cyberattacks work, and what you can do to prevent your data from being compromised, is key to preventing your personal information from being breached. However, it’s important to note these are best practices but there no surefire way to fully protect yourself from data breaches.

Cyberattacks occur through a variety of methods, including:

Aside from being diligent with identifying potential scams and hack attempts, there are other ways to keep your accounts safe:

Read more: 8 Common Bank Scams (And How To Avoid Them)

I'm a Consumer Finance Reporter for Forbes Advisor. I cover what's going on in the news and how it affects your bottom line. I've been featured as a personal finance expert in outlets like CNBC, Yahoo! Finance, CBS News Radio and more. I'm currently based in Paris, France where I am pursuing my master's degree in communication studies. Follow me on Twitter at @keywordkelly.