British Banks Vulnerable To Cyber Attack
In opinion / By Tanzeel Akhtar / 29 November 2016
Cybersecurity has become a matter of urgency and one which many banks are suddenly forced into addressing.
Recently we have seen a spate of attacks on retail banks and as a result these banks have suffered face huge financial losses and a loss in client confidence too.
The most recent victim is Tesco Bank this November which had to repay victims £2.5 million due to a hacking incident, there are some reports that buggy software and mobile apps were targeted as intrusion points by the hackers.
To make matters worse, Reuters have revealed that Britain’s banks are not reporting the full extent of cyber attacks to regulators for fear of punishment and bad publicity, the cases that do come to light prove cyber security is a urgently growing issue for banks.
ThreatMetrix research reported an increase in digital attacks
We are seeing this same trend echoed in the US, the Californian security technology company “ThreatMetrix” released its Q2 2016 report in which it analysed over 5.2 billion transactions with 40% coming from mobile devices.
ThreatMetrix found more than 112 million attacks were detected and stopped in real time; a 50% increase over the previous year. In addition, more than 450 million bot attacks were identified and stopped during this period, a 50% increase over previous quarter.
The group reports financial services transaction growth is primarily driven by mobile as digital banking transactions have grown by 140% over the last year with mobile transaction growing by 500% compared to Q2 2015.
Is the UK government spending enough to prevent cyber attacks?
The government is certainly making serious noises, Chancellor Philip Hammond has announced the UK government is planning to spend £1.9 billion on cybersecurity, in a recent speech he said UK must retaliate against cyber-attacks and warned of hostile "foreign actors" developing techniques that threaten the country.
According to a recent study cyber attacks cost UK businesses more than £34 billion a year. As we continue to bank digitally I would argue it is not enough and more should be allocated to Cybersecurity over the long term.
What should financial services companies do to prevent being attacked?
They should be working more closely with third party technology groups who can assist in warning a bank when they are under threat and actively leverage the white hat hacking community in their efforts to secure our business and personal funds.
Another factor to consider it that hackers prey on those who are unprepared, so British banks need to lose the mentality that “it won’t happen to me” - and be prepared to pay that little bit extra for cyber security protection.
Both the private and public sector businesses seem guilty of finding it difficult to believe they could be a target for cyber attacks, so shifting their mindset is essential. KPMG has even reported that this mindset needs to change – as the best offensive is a good defense, they advise both governments and industries and believe in forward thinking strategies.
According to KPMG, “Public and private sector entities must know what is going on around them so that they can identify when an attack has taken place or when an attack is imminent. Intelligence and the insight that it brings is at the heart of next generation of Information Security.”
FinTechs are also in the firing line
ThreatMetrix identifies a massive increase in bot attacks targeting FinTechs. There has been a 25% increase in “mobile only” users for financial institutions compared to last quarter, thats a lot more vulnerable consumers that there was last quarter and the number keeps growing larger.
KPMG identifies China emerges as one of the big attack destinations and make the point that cross-border transactions are growing and continue to be considered riskier.
Turn the tables on cybercrime and remain one step ahead
As more and more companies go digital and use the cloud to store data the risk of a cyber attack is on the rise. It is impossible to ignore possible cyber threats which is a complex challenge and an issue which will continue to be at the forefront of any firms strategy to protect their customers and sensitive data.
Forget large scale financial institutions. How about cyber attacks on a smaller scale? In today’s day and age we all leave digital trail behind. From ordering food online to checking into places via apps.
It is not difficult to be fall victim to a attack. We share way too much information and can fall victim to bait which could be as simple as accidentally clicking on a confirm link and accepting “remote access tool” giving a hacker access to your device.
Trails can be dangerous
ThreatMetrix identifies mobile banking is more popular than ever amongst returning customers in financial services, who continue to login to online banking via mobile apps almost twice as much as via desktop. There are several million logins a day for a mid-sized bank.
Mobile apps, for example, are increasingly used for repetitive daily tasks such as checking bank balances or ordering food. Analysing any interaction or platform in isolation cannot build a complete picture of the user’s true online behavioral pattern. Something as simple as clearing your cache on device could protect you.
Bank robbery is one of the oldest crimes. In this day and age banks need to stay one step ahead and find new ways to protect against cyber attacks.