The banks have admitted guilt and they are paying us back for all the dodgy deals they got into! Well, not really. Banks are, in effect, 'fessing up to having behaved fraudulently or criminally. However what 'settling' means is actually 'paying regulators to shut up and stop asking difficult questions'.
The problem for the hard pressed banks' Chief Information Security Officers is that today's attacks are not noisy ego driven dares by bored youngsters, rather they are well-funded, highly motivated attacks by criminal gangs using the full power of the internet to resource and carry them out. It is also all about making money rather than fame as the motivation for such hacks and attacks.