Invest in bank security

Last month, the Bangko Sentral ng Pilipinas issued a circular directing all its supervised financial institutions to adopt stricter authentication measures for online transactions in order to ensure a safe environment for digital financial services and protect consumers against cyberattacks.

The BSP said the circular was in response to the increasing frequency and sophistication of cyberattacks involving fund transfers, payments and other transactions done through online channels. All BSP-supervised financial institutions were ordered to implement a multifactor authentication scheme by Sept. 30; they were also told that their plans of action with specific timelines and the status of initiatives being undertaken to achieve full compliance should be readily available for BSP inspection starting this month.

At about the same time, there was a global warning on a ransomware attack, which eventually affected hundreds of thousands of organizations in 150 countries. It was about a malware that locks files and asks for payment to unlock those files. Among those reported to have been affected were international courier Fedex, train systems in Germany, a Spanish telecommunications company, universities in Asia, Russia’s interior ministry, and hospitals in Britain.

Monetary authorities in the Philippines were quick to announce that there were no reports of the malware affecting the local banking system. But in February 2016, there was the attack on the Bangladesh central bank, in which its accounts with the US federal reserve were hacked and diverted to a Philippine bank and eventually lost in Philippine casinos. It was one of the biggest cybercrimes to hit the global banking system.

Estimates on the amount of money lost to cyberheists have been staggering: One put it at $3 trillion in 2015, with the amount expected to double by 2021. The global economic crime survey in 2016 conducted by PricewaterhouseCoopers (PwC) also showed that cybercrime has jumped to the second most reported crime globally and that more than half of organizations have been hit with cybercrime in the last two years.

In the case of the banking sector, it has been noted that Asia is the most vulnerable region. Aside from Bangladesh, there were reports of high-profile attacks on banks in Japan, the Philippines, Taiwan, Thailand and Vietnam, causing billions of dollars in revenue losses. One international survey showed that up to 90 percent of banks and companies in the Asia-Pacific region reported some form of attack in 2016, up from 76 percent in 2015. The most common of such attacks were on banks’ technology infrastructures.

Banks have been targeted by cybercriminals because these institutions have the money. Given this scenario, it is therefore prudent for banks to double their efforts to protect their computer network infrastructure. As more banks shift to digital channels like online banking and mobile transactions, the market for cybercriminals increases, making it very critical for financial institutions to protect the data that the criminals are trying to steal.

In this technology-driven age, the security of the financial system against cyberattacks or even internal technical glitches is of paramount importance. Banks are well advised to invest not only in the latest technology against cybercrimes, but also in highly qualified personnel to ensure that their systems are secure and cannot be penetrated by unscrupulous groups.

The disruption to customers caused by a technical glitch at one of the country’s biggest banks last week was just internal in nature. Imagine the impact an external cyberattack on a major bank will have not only on its customers but on the entire industry as well. Money is a nervous commodity. Any sign of risk will see it flee, and a run in one bank can easily spread to others faster than one can imagine.

Read more...