In latest cybersecurity news, UK banks reported 480% increase in breaches in 2018. The financial Conduct Authority attributed the rise in breaches due to increased reporting due to the new regulations like GDPR and PSD2 which required banks disclose the major security incidents to its customers. It was an open secret that banks did under report major security incidents, but increased sophistications of attacks is also a major contributing factor. Globally the number of security breaches continued its upward trajectory with attacks tripling over the year and average cost of cybercrime registering a 40% increase.
The digital age has made banks a very attractive target for cyber-attacks. Bedroom hackers to sophisticated industrial spy-rings continue to target banks with sophisticated attack strategies. The cybercrime eco-system is increasingly convoluted with new technologies like Artificial intelligence and IoT offering new beachheads to launch an attack.
Banks are ramping up their security defenses to counter emerging threats with innovative technology. It means driving cybersecurity as an enterprise wide strategy wherein compliance and security is ingrained at the micro-levels. Cybersecurity is not anymore a siloed IT function but is treated as a risk hedge requirements like that of credit, investments or compliance. The effects of cyber-attacks is not only loss in monetary terms, it also means reduced customer confidence and huge costs associated with rebuilding your systems. In-fact with large number of digital touch-points, the effective containment of the infection cannot be assured. Banks and financial institutions are finding the old adage, prevention is better than cure” an effective slogan for cybersecurity initiatives.
The threat ecosystems
The emerging threat perceptions are varying in style, sophistication and frequency. Historical data analysis finds that Distributed Denial of Service and payment system attacks are becoming more common. More than 2100 ransom-ware attacks were detected in 2018. Phishing attacks, insider jobs and IT failures are also increasing in frequency. Worldwide losses from cyber-attacks touched USD 1 Trillion in 2018 and insider sabotage has gone up by 60%.
The attack scheme of banking robberies in the digital age is always evolving. Attackers do considerable reconnaissance surveys identifying domain names, addresses and social media presence. Phishing mails and employee information are also actively sought ensuring a mother lode of information from varied sources. In fact insiders unload information for a fee in forums on the dark web which are taken up by criminals. Many banks are well protected across their network perimeters and attacks are easily detected. Recent attack patterns have been through phishing emails or insider sabotage. After gaining access, the intruders mask their footprints and erase all information of their presence. In such a scenario, it takes a long time for the banks to identify the alien presence in their midst and criminals remain undetected to inflict maximum damage to the system. The recent attacks in Nepal and Pakistan saw the entire banking system shut down for day resulting in severe economic downturns.
How are banks gearing up to combat attackers?
Information is the best weapon against the attackers. The ideal starting point would be an inventory of all assets and digital touch points which need to be further benchmarked against bank’s security mission. Banks need to be proactive, creative a dynamic health profile and align the threat perceptions to day to day operations. Leading financial institutions are employing artificial intelligence and data analytics to pro-actively hunt for threats and neutralize them. Machine learning algorithms are able to predict threats to 90% accuracy with lowest false positives.
Be a security aware culture
The cybersecurity model should believe in creating a framework with governance models, auditing and risk management. All this would overlay on the foundations of dynamic culture and change management. CISO must also have strategic powers and must be able to implement security protocols across business lines and functions. In large majority of companies, CISO remain a subset of the IT team. It is time to free the cybersecurity and compliance teams and create teams with separate budget and strategic aims. Skill deficiency is another area that banks need to work on. Trained cybersecurity personnel are essential to implement, deploy and scale up existing and future ready innovations. External advisors, consultants and vendors must be brought under the security framework and authorization protocols as that of in-house employees. The recent attack on Ticket Master or Target are classic examples of using third parties as beachheads for launching the attack. Banks also need to get the risk architecture updated. This will ensure in formulating processes and procedures for access, management and risks. In many cases lack of in-house password protocols lead to quick hackable codes that enable an easy entry in to the system.
Cybersecurity is a buzzword for financial institutions that are under constant attack in the digital world. Large majority have the technological acumen and tools to enable network and touch point level security. But failure happens when these burglar alarms are not effectively utilized by everybody in the system. Banks should focus on security as a culture paradigm. It will bring together functions, processes and people under a single umbrella of technology and tools.