In the past few years, financial institutions have started dealing with a new breed of robber, the cybercriminal. One prominent hack in February resulted in at least $80 million in losses, and brought the issue back into the limelight – and it may linger there for quite some time.
The situation goes from bad to worse
As comforting as it would have been to shrug off the February heist as an unfortunate fluke where cybercriminals got lucky, the reality is that the hackers actually got really unlucky. The only reason they didn’t make off with the targeted $900 million is because a typo in a transfer tipped off a routing bank.
More importantly, it wasn’t a one-time thing. In March, it was announced that a hacking organization called Buhtrap had stolen millions of dollars from 13 Russian banks using malware. A month earlier, an unidentified group of Russian hackers also managed to infiltrate a regional bank. Within minutes, they were able to raise the ruble-dollar rate by 15 percent.
The worst news, however, came to light at the end of April, when one of the leading global financial networks alerted customers that cyberattackers were sending messages over its communication system. This was a warning from the global financial network that cyber bandits could have a new attack in the works. The scariest part was that it may involve a network used to transfer billions of dollars on a daily basis. It begs the question: How does this continue to happen?
The keys to the vault may be inadequate
According to Reuters, the global financial network in question stated “that in most cases the modus operandi was similar.” Hackers were able to steal credentials, and then use them to pose as authorized operators on the network. It’s also believed that the most recent bank-related cyberattacks were only possible because cybercriminals were able to steal important credentials used in the transfer system.
The role that credential theft plays in cyberattacks isn’t unique to financial institutions. In almost every industry, from health care to the public sector, there have been breaches as the result of cybercriminals’ tricking insiders into somehow turning over their login and password information. However, banks are somewhat unique in the sense that it’s not just information that needs to be protected – it’s actual money.
In the physical world, to protect itself a bank may use a reinforced vault door that can withstand explosives. The virtual equivalent might be a really powerful firewall. The only problem is that if hackers have the keys to the vault, that reinforced steel may as well be a curtain. It would appear that bank cybersecurity doesn’t need a bigger, better door; it needs a better lock-and-key system.
Reinforcing security with stronger authentication
Multi-factor authentication, for instance, strengthens credential security by adding additional layers of verification. Upon trying to log in to an application, a user may receive a text message on their mobile device with a one-time password. Only upon entering this one time password can they access their account.
Alternatively, financial institutions could do away with passwords altogether. Digital certificate-based authentication creates unique digital identities for devices and users, so that access to information is only allowable through specific systems.
Digital certificates are also used for encryption. If a device doesn’t have the appropriate encryption certificate, it can’t access the raw data. This approach to authentication can prevent hackers from accessing certain programs and databases from any device. Without the right authentication certificate on their system, the hackers are completely out of luck.
Given the recent string of cyber heists, it’s not unlikely that we’ll see more news of robbed banks in the coming months. Hopefully, recent events and warnings will serve as a wakeup call for banks to get smarter, stronger authentication now.