Are regional banks immune to cyberattacks?
Nader Henein, Regional Director, Advanced Security Solutions—Advisory Division, BlackBerry discusses potential prevention mechanisms to enhance security in financial transactions.
Take a stroll through a castle or any ancient fortification and you would probably get lost in a matter of minutes. This architectural feature was not a result of bad design; on the contrary, it was a deliberate attempt to confuse and isolate attackers, steering them away from valuable areas. This model became so effective that it is used to this day within the government and private sector to keep potential attackers at bay. Something that is extremely important within an increasingly connected world with complex networks.
The financial services sector, especially retail banks, is a prime target for cyberattacks these days, with the migration of wealth from brick and mortar to zeros and ones. Cyber-risks in the financial services space are quite significant with the sector now ranking third on the list of industries most vulnerable to cyberattacks. This is not surprising considering some of the recent high profile attacks, the Bangladesh Central Bank attack last year saw attackers syphoning $81 million in just a matter of hours.
Banks in the Middle East are by no means immune to cyber-risk, geographical borders are not relevant. In fact, given the concentration of wealth, banks in the region make very attractive targets and this has not gone unnoticed. If you speak to any of the regional banking security officers, they will tell you that they are under constant attack—from the relatively low-tech social engineering attempts, all the way to the use of zero day vulnerabilities (i.e. previously unknown weaknesses in software that are used by attackers to gain access to a secure network).
So what is the solution—do we go back to the barter system, or maybe keep money under a loose tile in the bedroom? Securing our digital wealth is of course possible but it requires more than just deploying standalone, bolt-on solutions and infrastructure in your network which seems to be the direction of choice today.
The first lesson we learn in security is that aiming to achieve 100 per cent is a fool’s errand, attackers will still get in. But once they are in your network, what attackers usually look for is fairly rudimentary. Nine times out of ten they are trying to find something of value and the easiest place to look is in your database. These structured repositories of data look like large, interconnected excel spreadsheets, with neatly organised records of user information, details and transactions, these are quite valuable to an attacker who can easily and anonymously resell this data in a matter of hours.
Take a credit card transaction, for example. The necessary information required to do such transactions include a name, card number, CVV, expiry date and address. Imagine an Excel spreadsheet stored in the bank with customer credit card records saved in the same place.
This valuable information is a very attractive proposition for cyber-attackers. But let's now separate this information into five different spreadsheets, each with one of the five pieces of credit card information mentioned. The logic of putting them all together is in the software that fetches those records to accomplish a transaction. So, if an attacker was able to steal all of this information, he would have a list of names that he would not be able to connect to five other lists (addresses, cc numbers, CVV numbers and expiry dates) thereby rendering the information useless to the attacker and harmless to the bank, its clients and its reputation.
This practise is referred to as ‘sharding’, which breaks a record into shards and stores them in separate locations with the logic of putting them together within the bank’s software layer. This means that an attacker would have to steal and recreate a unique working banking system in their environment to benefit from the heist.
A further critical catalyst to securing sensitive financial information is a bank’s ability to implement a secure file-management platform through a centralised file access system that helps them eliminate data loss whilst enabling faster and secure file sharing.
These are just two of the many techniques employed to safe guard a financial institution.
Aiming to be at the forefront of securing enterprises, equipping businesses, ranging from government to healthcare to finance, BlackBerry has acquired UK cybersecurity services group, Encription Ltd. Following this acquisition BlackBerry formed a new division—Cybersecurity Services Group—which helps enterprises identify, mitigate, and defend against every digital risk facing the organisation.
Considering the huge push for digitisation that is taking place in the Middle East, the region is on the cusp of a digital explosion taking place over a significantly large canvas, but the risks of the modern enterprise landscape cannot be ignored.
It is BlackBerry’s position that the region should perhaps consider forming an alliance similar to the cybersecurity alliances seen in the US and Europe by some of the leading banks. For regional financial institutions seeking a more comprehensive and calculative approach, consulting cybersecurity experts is also the best option that will deliver this result.