Banking increasingly felt the sting of cyber attacks in 2015, after what was a hard year of DDoS and breaches against conpanies globally. From Finland, to Sweden, to Greece, to the US, cyber threats are becoming the new liability to plague the industry. In a report conducted by the Cyber Security Forum Initiative and PricewaterhouseCoopers, 672 bankers from around the world were interviewed in regards to how they were assessing risk in the financial sector.
Out of all 672 respondents, only five bankers gave criminality a score of 1 out of 5 when it came to importance, showing that, in 2016, most banks will be probably more aware of cyber-threats than ever before.
With cases like the DDoS-for-Bitcoin extortion scheme on Greek banks and the blackmail of a UAE bank after its servers were hacked, it’s hard to believe that the banking sector has not learned its lesson regarding cybercrime in 2015, and this study comes to prove it.
“Tax evasion and money laundering are two threats that can be managed and controlled. Cyber-attacks are a different animal,” said one banking industry observer living in the US.
His opinion was also shared by Simon Samuels, banking consultant in the UK, who explained that “we may at some point see a cyber-attack so powerful on an individual bank that it has the power to bring down the institution, necessitating a state bailout.”
2016 promises to be a year of increasing growth for both cyber attacks and security. Without the risk of a physical connection to the crime, cyber attacks are lucrative and relatively easy to both novice and skilled players in the game. With groups like Armada Collective and DD4BC prowling for targets, it only makes sense that banks are concerned. No access to a customer’s money is the highest point of frustration for someone using their banking services, bar none. The fact that there’s a possibility of a massive attack bringing down a banking institution in its entirety should concern more than just the IT departments at the banks. That’s a disruption of the entire financing and cash flow of tons of people.
We encourage people looking for online hosting to look for companies that have prepared for cyber crime. We should do the same for banks as consumers. (We would like to point out authorities doing the same, the FFIEC issued a statement in regards to DDoS in banking back in 2013.) Obviously the banks take protecting money seriously for their sake, but clients to banks should demand the same of their information, and make sure there’s accountability for incidents.