International Cybersecurity Congress 2018: communication breakdown

Written by Henry Vilar
9th July 2018

From 5-6 July 2018, Moscow welcomed cybersecurity professionals from all over the world in the first International Cybersecurity Congress (ICC), Sberbank’s conference with aims to become a global reference in the area.

During our time in the conference and at a demonstration closed to the public, FinTech Futures was lucky to witness a real-time simulation of a crisis response, in which members of Sberbank’s cybersecurity committee convened and played their part in putting an end and a solution to this emergency.

The simulation case shown was a virus infection that infiltrated through one computer in a Sberbank office in the Urals, a mountainous region of Russia, which spread throughout the office, prompting a speedy subsequent shutdown of the entire building’s devices.

This attack was not very different from the Wannacry or Nonpetya attacks.

The different mitigation protocols were triggered throughout the different verticals and horizontals of the bank, including relocation of cash, shutdown of the necessary systems, analysis of the infecting software etc.

A particularly interesting protocol was the response to social and media panic. Once the spread of the virus was contained, and information spilled out to consumers, these were quick to jump on Twitter, Facebook, and others, to discuss the matter.

In most cases, negative information gets spread very fast, and even more so with a little push by anybody ill-intended. This weakens the bank from several angles.

If consumers begin to withdraw cash en masse amidst a panic frenzy, this forces the bank to move cash around to meet the demand at ATMs throughout the country, and in particular the area that was most affected by the attack.

Alongside with the damage that is done to damage the bank’s public image, which must be addressed formally through written press statements and a live statement by the CEO on TV, the bank’s resources are put under strain.

The combination of an infection, plus a DDoS attack, plus the spill-over effects resulting from the social media panic, divert the attention from the bank, which could potentially give a window of opportunity to criminals breaking into the system.

The goal of the ICC, from an industry perspective, was to spark conversations and collaborations among cybersecurity providers and experts. But for Sberbank, it was an opportunity to show transparency and openness, as a company, and as the spearhead for Russian financial institutions.

As Russia attempts to open up to the rest of the world, transparency and its relationship with the media are an increasingly important matter.

Stanislav Kuznetsov, deputy chairman of the executive board of Sberbank, talking to Fintech Futures, put it this way: “If you want others to open up to you, you need to take the first step.”

Our third report from the event was about calling time on secretive banks.

The second report discussed the spirit of collaboration.

The first report explained how DDoS is the business of petty criminals.

Want to know more about Sberbank and its tech? Read our in-depth case study here.