As a bipartisan group of legislators tries to put TikTok out of business in the United States over its China-based ownership and sketchy history of leveraging user data, the stakes for U.S.-based FIs are different. It’s less about access to the catchy videos made famous on the social media platform and more about being vigilant against cyberattacks spawned by ramped-up geopolitical tensions. Javelin Strategy & Research has been signaling an increase in attacks from political adversaries against critical infrastructure, with the aim of shaking consumer confidence, stealing sensitive information and intellectual property, and disrupting service.

This impact note lays out the ways in which FIs will be targeted, how nation-states and well-funded cybercrime groups collaborate, and where FIs need to shore up their own defenses.