Banks need to recognise that building a wall to keep cyber security threats out will not work. With breaches from both sides of the wall inevitable, financial institutions would do better to pare down their activities and focus on defending their core assets – including intellectual property and transactional systems.
Bankers should watch what they say in public, or risk a devastating computer network attack on their business from state-sponsored hackers. This was the stark warning offered by speakers at the FIX Trading Community conference in London yesterday.
Swift has added peer assessment to its Sanctions Testing service. An optional service it will allow financial institutions to compare the performance of their sanctions filters against those of other participating institutions.
To counter cyber-crime, an organisation must have a person providing leadership and oversight in the strategic planning, execution, and assessment of security strategies, policies, procedures and guiding practices. Ensuring compliance with legal obligations in respect of information and information security is also a key responsibility. What many companies need is a chief information security officer
In a joint international operation Europol’s European Cybercrime Centre seized servers said to have controlled the Ramnit botnet that had infected 3.2 million computers internationally. The operation involved investigators from Germany, Italy, the Netherlands, and the UK – which led the operation – along with partners from private industry.
Financial institutions are being urged to revisit their cyber-security following revelations that an online gang using the Carbanak malware stole up to $1 billion from banks in 30 countries around the world in a series of highly-sophisticated attacks over the last two years.
The cyber-attack on Sony Pictures at the end of last year highlighted something that IT and security people in financial services have known for some time – the modern networked environment is far less secure than most people are prepared to admit …
Protecting your banking infrastructure from cybercriminals is one of the toughest IT challenges in banking. It keeps getting harder, even though banks are working tirelessly to protect both customers and assets. Attacks are growing in size, and new developments such as the Internet of Things mean attack surfaces are growing, as well as the number of endpoints that can be used to launch attacks.
Securities market regulators are beginning to clamp down on market abuse linked to complex high-frequency trading strategies – but there is much more to be done, according to a new report by financial consultancy Kinetic Partners.
A range of social, political, cultural and economic factors drives cyber attacks. How well banking and financial institutions understand the drivers for an attack and how effectively they respond in the 48 hours following the discovery of an attack has a major effect on the resultant impact.
With Sony the latest victim of hacking, large organisations are witnessing yet again how data breaches cause serious damage, to the tune of millions. The prevalence of hacking in the media begs the question, what’s in store for 2015?
A platform for sharing cyber-security threat intelligence among financial services companies has been launched by US post-trade utility the DTCC and non-profit security organisation FS-ISAC. Called Soltra Edge, the platform gathers data about cyber-security threats and converts it into a standardised format for sharing.
Market participants are worried about data and are deeply concerned about their ability to monitor transactions following a string of major fines to global financial institutions, according to a new report by NICE Actimize.
As Bob Dylan, famously sang, The Times, They Are A-Changin’. Once, the tools required to carry out a bank raid usually comprised a shotgun, old stockings and a bag labelled “swag”. Today, it’s a laptop, computer programming skills and patience. And the nature of the crime is changing too – previously, the goal was often to get away with a few thousand pounds, before lying low for a while. Now, the “prize” sought may be the theft of millions or the personal details of thousands, to be then sold on.
Fraud and financial crime are growing substantially in their nature and complexity as we continue to evolve into an ever more connected world. New technologies, particularly the spread of mobile devices, have opened up different avenues of attack for technically sophisticated and well organised gangs of fraudsters and criminals. The social and economic costs of organised crime in the UK alone are estimated to be £24bn, of which £8.9bn are associated with fraud.
Greater information sharing and closer collaboration between the public and private sectors are needed to combat cyber-attacks, which are now the principal concern of the financial services industry, according to the DTCC. A top priority should be the creation of global industry working groups to engage with national regulators on the development of cyber-security regulations that address the real-time and evolving nature of cyber-threats.
The recent nomination of the British Banker’s Association as an intelligence node and source of benchmarks and practices in the UK’s financial infrastructure, via CBEST, has pushed the role of the banking sector in detecting and remediating breaches into the spotlight. So what can banks do to ensure their cyber defences are up to the task?
As banks develop new retail styles, they face new security challenges as the changing use of space in-store means surveillance and alarm systems must evolve in tandem.
The internet has opened the door to purchase almost anything from any part of the world through electronic payments. As globalisation continues to flourish – especially in the banking industry – it’s now possible to transfer money across different countries with ease and speed. While this has increased the opportunity for businesses to extend their reach globally, it also creates an appealing opportunity for criminals.
The threat of banks de-risking and exiting regions and businesses in fear of sanctions-related fines is upon us, said Juan Zarate, the ex-deputy national security advisor for combating terrorism to US President George W Bush. Zarate was speaking at a Standard Chartered session yesterday morning about his new book, Treasury Wars: The Unleashing of a New Era of Financial Warfare.
While the average bank heist averages $6000, a cyber-thief can make off with millions. Last year 552 million identities were breached, while every call about a compromised credit card costs a bank $4.
Money launderers will increasingly move away from the US dollar to the renminbi as US authorities continue to crack down on international banks’ AML systems. The shift will have consequences for London’s aspirations to become a global centre for RMB clearing and settlement.
The bailout of Espirito Santo Bank brings back unwelcome memories of the events of the last financial crisis and raises the spectre of moral hazard returning to the financial services industry both in the UK and abroad. But how far have we really come since those dark days of 2008 and the collapse of Lehman Brothers and how far do we still have to go? A quick look at recent events gives us a good indication.
A recent bout of high profile cyber-attacks on financial institutions across the UK, US and Canada has put the spotlight back on the importance of data security and the need to be diligent when it comes to cybersecurity within the banking industry
The news last month (June) that the Luuuk malware had snared its first victim, an unnamed European bank, has again highlighted the magnitude of the challenge facing the banking sector. While the reported theft of €500,000 during the course of a week certainly does not break any records, the discovery of what is believed to be a variant of the feared Zeus malware, is just the latest in a line of increasingly sophisticated cyber attacks
Banks need to do more to educate consumers about the ways in which they may be exposing themselves to fraud risks, according to a new report by Aite Group using data from ACI Worldwide, which notes that one in four consumers has been victimised by card fraud in the past five years.
One company grateful for the flurry of publicity given to the practice of front-running orders by the publication of Michael Lewis’s book Flash Boys earlier this year is New York-based Trillium, whose Surveyor market manipulation detection tool can be used to detect the practice.
“The fastest growing national security threat facing the [US], which also happens to face the financial services industry, is cyber-espionage, cyber-crime and cyber-terrorism” according to a former deputy and acting director of the Central Intelligence Agency, speaking at the SifmaTech conference in New York.
Specialist Java start-up Waratek has announced a security product intended to protect older Java code – which can contain five to 10 security vulnerabilities per 10,000 lines of code – from security breaches.
As the number of cybercrime incidents increases, financial institutions and their corporate customers should take renewed steps to protect their data – including using tokenisation and hosted payments pages, according to a new report by Chase Paymentech.
Security breaches at major institutions in financial services, healthcare and other industries are going undetected for months at a time and are often caused by basic errors of security, such as weak passwords, vulnerable applications and a lack of interest in security, according to a new report by cybercrime specialist company Trustwave.
Looked at from a data perspective, many new regulations have overlapping requirements that come back to customer data. Banking Technology joined forces with Markit І Genpact KYC Services and regulatory specialist JWG to look at how firms are approaching the challenges this poses.
Bank account fraud in the UK increased 48% in the first four months of this year, with a 57% rise in the number of identity frauds compared to the same period last year.
Four out of five organisations are leaving themselves open to payment fraud because of a lack of standardised payment workflows, according to a study by financial technology vendor SunGard.
Bitcoin is the poster child of the cryptocurrency world, but it’s not alone. Michael Mainelli and Bob McDowell take a look at the real-world implications of the rise of AltCoins
At the end of last year, Yahoo was hit by a malware attack. It affected over two million clients, mainly in Romania, Great Britain, France, Italy and Spain, putting their personal data at risk. Upon visiting the website between 27 December and 3 January, users received advertisements, some of which were malicious and infected users’ devices without even a click.
A group of major international banks have agreed to jointly develop and use the centralised Know Your Customer Registry announced by Swift at the start of the year.
Swift has created a dedicated Financial Compliance Services unit to manage a growing number of service offerings. The new unit will focus initially on the development of a Know Your Customer Registry planned for launch later this year as well as the integration and development of existing services.
2014 looks to be a good year for fraudsters as government and law enforcement struggle to come to terms with the issues and the continuing spread of mobile continues to offer them poorly-protected targets.
Bitcoin is more traceable but less regulated, less expensive but more volatile, and more decentralised but less accountable, than a regular currency. Feeling confused? That’s not the half of it, according to Ernst & Young.
