Right now, your bank is probably vulnerable to costly cyber attacks. Why? Because, like most financial institutions, you probably haven’t implemented end-to-end encryption or robust endpoint protection. It’s easy to understand why something like this could fall through the cracks—no one wants to shell out for a complex software solution whose purpose they don’t fully get—but the next big cyber bank heist is coming, and you probably don’t want to be the victim.
The online world is a bit like the American Wild West 150 years ago. Most people are genuinely good and honorable and are just trying to live their lives. Then you have the gunslingers and train robbers, those people who today are hackers and scammers just trying to make a fast buck at the expense of those good people.
The FBI is warning businesses about a growing threat to their confidential data—the Business Email Compromise (BEC) attack. This isn’t a new form of cyber assault, by any means, however, it is on the rise at an alarming rate. Whether this threat has just come onto your radar or you’ve been monitoring it for a while, there’s never been a better time to take preventative measures..
Data is big news. Whether it’s a tech company selling their users’ personal information, or a credit card company having a data breach that affects millions of people and potentially millions of dollars—data is on people’s minds these days.
In 2018, the Bank of Chile found that the malicious KillDisk virus had infiltrated 9,000 of its computers and 500 of its servers and was poised to wreak havoc on their internal systems. Understandably, they immediately went into crisis mode, working as quickly as possible to disconnect those workstations. During the ensuing flurry of activity, the hackers were able to perform their real attack completely unnoticed: $10 million worth of fraudulent SWIFT transactions that the bank was too busy to notice.
For attackers and fraudsters around the web, financial institutions have a great big ‘X’ marked on their backs. Some estimates suggest that banks and other companies in the financial sector are 300 times more likely to face cyber attacks than other businesses, with IBM suggesting that nearly 20% of the total cyber security incidents in a given year come from attacks on banks. Last year, Mastercard claimed that they were fighting off more than 460,000 intrusion attempts every day.
When SWIFT messages are utilized in bank heists like the 2016 Bangladesh Bank attack, reports often refer to SWIFT having been “hacked.” In reality, it’s the banks themselves that have had their cybersecurity flaws exposed, and the SWIFT network was only used as a tool for the fraudsters to gain the trust of the financial institutions that are performing the transfers. This might seem like a small nit to pick, but in some ways it’s an important distinction to draw. Why? Because it centers “trust” as one of the most important elements of both successful fraud and successful fraud prevention.
According to IBM, the average cost of a data breach in 2019 was just under $4 million—and this is nothing compared to the costs of some of the more high profile security lapses in recent history. Since the Equifax breach was uncovered in the 2017, it’s estimated that it’s cost the company $1.4 billion. And this is before we talk about other types of attacks beyond data breaches, like the SWIFT transaction fraud that lay at the heart of the infamous Bangladesh Bank heist. Really, it’s hard to overstate how critical data security is for international businesses, especially in the financial sector.
With the current world-wide coronavirus pandemic, more people are working from outside the safety of their usual secure corporate networks. This opens your company up to a whole slew of new hacks and security concerns. Fortunately, there are options when it comes to locking down access to your proprietary data and internal systems.
SWIFT fraud is on the rise. In a recent EastNets survey of 200 of the roughly 11,000 financial institutions on the SWIFT network, 80% of respondents said they had experienced at least one attempt at SWIFT fraud in the three-plus years since the infamous Bangladesh Bank heist. In Asia, that number is closer to 100%, and the number across the board is probably somewhat higher than that—given that only 40% of the banks surveyed were “very confident” that they were successfully detecting every fraud attempt on their network.