Cybercrime, otherwise known as computer-orientated crime, is an increasingly global phenomenon, threatening all industries. The evolution of technology, which is now used continuously and on the move in every aspect of life, enables hackers to leverage the anonymity of the internet and exploit companies and individuals. Cybercrime is more prevalent in the financial services sector than in almost any other industry.
Research indicates that almost half of black-market data originates from the BFSI sector. Unsurprisingly, the nature of the personal information held by these organisations makes them a tempting target. As banking evolves and new technologies emerge, the introduction of omnichannel platforms designed to give the customer greater accessibility ironically does the same for hackers. This is presenting the industry with new challenges.
To discuss these challenges, The Fintech Times spoke to Amitava Chatterjee, a Senior Consultant in the Industry Domain & Consulting Services group for Wipro’s Banking and Financial Services Unit. They provide a range of services across Retail Banking, Investment Banking, Capital Markets, Wealth Management, and Insurance.
Over the past few years, banking has changed dramatically. New technologies have emerged that have completely transformed the way we bank. People are no longer accessing and generating data purely from ATMs or on-site, but instead via online banking, e-commerce platforms and mobile applications. The introduction of services such as cashless payments has made financial organisations even more vulnerable. Cybercriminals are regularly infiltrating and exploiting data in order to impersonate individuals, gain access to sensitive information, disable devices and even sell sensitive data to competitors or marketing agencies via multiple channels.
Key cybercrime trend data indicates that 67% of all data breaches include advanced personally identifiable information such as addresses and dates of birth. The nature of the information held, increasing digitisation and a shift to mobile banking have meant the financial industry has become prey to a series of cybercrime incidents, resulting in data breaches for millions of customers.
Despite the increasing sophistication of the services on offer, email phishing and third-party unprotected services are still the two major risk areas for the financial services industry. Any data from one breach can be easily used to gain unauthorised access to another infrastructure through the re-use of passwords or social engineering attacks. This data is then randomly exchanged on the Deep/Dark Web. Furthermore, aggregated data can be used to pursue enterprise-level targets, to steal intellectual property or trade secrets, customer information, financial data and/or corporate strategies. Therefore, data breaches can have wide-reaching implications that affect more than the individual customer whose data has been compromised.
In short, the banking industry is a very lucrative target for cybercriminals. If this sector is to keep ahead of the cybercriminals and maintain the trust of its customers and partners, it will need to implement broader and more effective security strategies. Thus, it is essential that this sector pinpoints its vulnerabilities and addresses them with absolute urgency.
Disruption and damage
The disruption and damage caused by a cybercrime incident generally fall into three main categories, namely:
- Financial: Most cybercrime is related to fraud and has financial consequences. Shockingly, the success rate for such attacks equates to around one in three.
- Reputational: In addition to financial implications, cyberattacks can have catastrophic implications for a company’s reputation. Breaches of a customer’s confidentiality can irreparably ruin an organisation’s reputation and credibility, which in turn, directly impacts customers’ willingness to trust institutions to safeguard and manage their wealth and assets. In a world where the customer is the key sales driver, this kind of lack of trust can be highly detrimental to the success of a business.
- Legal: There can be legal implications for companies who fail to safeguard their clients’ personal data. As per the General Data Protection Regulation (GDPR) for EU member countries in 2018, there is a legal obligation for companies to report breaches to supervisory authorities within 72 hours. Failure to fulfil this obligation is punishable by a fine of up to 4% of global annual turnover or a maximum of 20 million EUR.
Prevent rather than react
Although cybercrime seems to be an ever-increasing problem for the financial services sector, there are some practical steps that can be taken to minimise vulnerability to attacks. The key is to focus on preventative, as opposed to purely reactive, measures, as follows:
- Risk Management Regime: it is important to fully assess and understand the risk posed before implementing cybersecurity measures.
- Secure configuration: misconfigured controls, such as an unsecured database, are often the origin of data breaches.
- Home and mobile working: as we move forward in a post-COVID world, many employers will be looking to work towards a hybrid working model, where remote working is still very much an option. However, it is important to address the increased security risks faced when operating with a distributed workforce.
- Incident Management: establish clear policies and procedures to mitigate security incidents.
- Malware prevention: implement anti-malware software.
- Managing user privileges: restrict sensitive information with secure access controls.
- Monitoring: system monitoring helps identify incidents promptly and initiate appropriate response efforts.
- Network security: improve policies and technical measures to reduce vulnerabilities on the internet.
- Removable media controls: implement policies on usage of removable devices to prevent security incidents from malware.
- User education and awareness: train employees and customers on their responsibilities and security practices to help increase awareness and prevent data breaches.
Implementing the above practical strategies will hopefully keep attacks to a minimum. However, moving forwards, it is critical for organisations to also focus on anticipatory approaches. Multiple industry reports suggest that some of the key measures to consider include:
- Automation: the vast amount of data and assets held on a financial organisation’s network can be very complex and inefficient to manage. Technology Asset Management (TAM) gives a holistic view of the whole technology stack and acts as a single source of truth in monitoring and identifying outdated and unused software. This can help optimise cyber-hygiene and reduce the risk of cyberattacks.
- Artificial Intelligence: implementing intelligence-driven measures with the use of artificial intelligence (AI) can help strengthen authentication methods and reduce cyber risks. Examples such as biometric logins for multi-factor authentication (MFA) are already being used today.
- Sandbox-Evading Malware: Sandboxing is an automated technology for malware detection used in traditional antivirus programs and other security applications. This mechanism keeps running programs separated from one another, so malware cannot run in those programs while the security software executes the malware in isolation to determine what it is.
- Cloud services: adoption of cloud-based Infrastructure-as-a-Service offerings for running business systems with sensitive data on public clouds. These services often reduce operating costs and increase an organisation’s speed in bringing new services to the market.
- Security as a service: a business model in which a service provider integrates their security services into a corporate infrastructure on a subscription basis, which can be more cost-effective than what most individuals or corporations can provide on their own when total cost of ownership is considered.
Closing the cybersecurity skills gap and using anticipatory measures, combined with increased automation, cloud services and AI, will together help provide ways for organisations to protect themselves against potential threats. Employing these tactics will also allow them time to come up with countermeasures and responses to minimise any potential damage from the attacks which can’t be prevented. Experts agree that a combination of continually evolving protective technologies and solutions will be needed to stay one step ahead of cybercriminals in years to come.