BY ANTONY MUTUNGA
Over the years, banking systems have been laid out in a manner that subconsciously makes people trust them as institutions dedicated to protecting clients’ hard-earned cash and assets, although this is not always the case. Lately, a series of incidents involving cyber security in financial institutions has caused people to start losing faith.
The recent revelation that four banks have been hacked since 2015 has people questioning exactly how secure financial institutions are. People became even more worried when it was made public that the culprits responsible, dubbed ‘Lazarus Group’ by the media, hacked into these banks and used one of the most secure banking systems, the SWIFT network, to give instructions to make fraudulent payments.
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is the organization that provides the SWIFT banking network, which is used to transmit financial messages between financial institutions. SWIFT issued a report to assure its members that it had not been hacked, but it also warned them to beef up security as the global banking and financial community was being targeted. The system links over 11,000 financial institutions in more than 200 countries and territories around the world.
The report worried the rest of the financial institutions linked by the system to the point that some of them decided to reduce their access to the SWIFT system for a period. Most financial and non-financial institutions did this as a precaution to ensure the hackers could not use the SWIFT system to steal from them.
The first bank to be hit by the cyber hackers was the Banco del Austro (BDA) in Ecuador in January 2015, where they managed to loot about 12.2 million dollars. The next attack was in October 2015, when a bank in the Philippines had its IT sector hacked into and infected with viruses. Eric Chien, technical director at Symantec Security Response, said, “Hackers infected desktop computers at the bank but our researchers still aren’t sure how the hackers slipped in… Or if they moved any money.”
The third bank to be attacked was a Vietnamese bank called Tien Phong Bank, in December 2015. The cyber hackers had been trying to steal 1 million dollars through fraudulent SWIFT messages, but their attempt failed, according to a statement released by the bank. The next attack was by far the biggest heist, as the cyber hackers were able to hack into the Bangladesh Central bank in February 2016. After successfully hacking the bank, they went ahead to send fraudulent SWIFT messages to one of the largest banks in the world, the Federal Reserve Bank of New York.
The hackers used the SWIFT messages to issue instructions for the withdrawal of a sum of 951 million dollars from the Bangladesh bank account at the Federal Reserve. Before the Bangladesh Central bank had taken notice of the ongoing cyber heist and notified the Federal Reserve to block the transaction, the Lazarus Group had already managed to steal 101 million dollars without a trace.
This showed that most small and medium financial institutions in developing countries have fewer resources to put into their IT security, which is why the hackers targeted them. The four major cyber heists exposed the vulnerability in the cyber security of these financial institutions, as all the heists were carried out using similar methods. The hackers used advanced malware in day-to-day software to infiltrate the banks and take control of their computers. Once they had remote control, they were able to learn the procedures that were necessary to withdraw and receive money.
The next step the hackers took was to steal the banks’ credentials for the SWIFT system, which allowed them to use the system to send instructions to make fraudulent wire transfers. The SWIFT system comes in handy to the hackers because it connects the financial institutions and always assumes that those involved in a transaction are trusted parties.
Knowing how vulnerable cyber security in the sector is, researchers believe that more hacks are imminent unless more is done to secure it. In Kenya, the Central Bank of Kenya (CBK) warned its staff, as well as other financial institutions that are members of SWIFT, to be vigilant when accessing the internet and opening e-mails due to the impending attacks by the cyber hackers.
The Kenya Cyber Security Report 2015, done by the Serianu Cyber Threat Intelligence Team in partnership with PKF Consulting and USIU’s Center for Informatics Research and Innovation (CIRI), identified the financial sector and mobile money services as among the industries at highest risk of attack by cyber hackers. This, together with Kenya having been a victim of cyber-attacks by a group of hackers known as Gaza group in 2013, has most people worried about whether their money and assets in banks are safe.
However, the CBK governor, Dr Patrick Njoroge, went on to assure the public at a press briefing in May that the CBK, as the regulating body of financial institutions, had tightened its cyber security measures and cautioned its IT department to be extra vigilant so as to minimize any cases of cyber-crime. The SWIFT group also put up its own measures by launching a security programme to strengthen the cyber security of the global banking system.
SWIFT CEO Gottfried Leibbrandt in a press statement said, “While each individual SWIFT customer is responsible for the security of its own environment, the security of global banking can only be ensured collectively. It requires a collaborative approach between SWIFT, its customers, overseers, and third party suppliers. SWIFT is fully committed to leading the community effort required to keep global banking safe and deploying its knowledge and expertise to help customers in the fight against cyber-attacks.”
Even though SWIFT and the global banking community are reinforcing cyber security to withstand hackers, individual countries need to do more. Countries need to allocate more resources to their IT security because the more innovation advances, the more cyber hackers learn new ways to bypass the banking system. If the financial institutions do not heed this advice, then the prior events are only the beginning of the cyber heists.