Crime surrounding financial institutions, specifically the theft and robbery of banks and reserves is as old as the establishment of these institutions themselves. Even the earliest banks based in the Roman Empire had to safeguard themselves from external and internal threats to protect and satisfy their customers who entrusted them with their valuables and currency. As the services provided by banks have grown to become major parts of society in both the lives of individuals and nations, so have the threats and attacks on them and their clients.
This has happened in conjunction with the proliferation of technology in the field as banks and other financial institutions have come to rely upon electronic ledgers, currency and messaging services to secure themselves and make transactions of all sizes as quickly and safely as possible. Yet this has had its adverse effects as modern criminals can attack these systems, often from outside the jurisdiction of the bank’s host nation and escape with millions of dollars without leaving their computer terminals. This has made financial cyber crime the most common type of cyber crime that law enforcement agencies have to deal with annually.
While banks and large financial institutions may seem like the largest and most lucrative target, the majority of financial cyber crime has been targeted at individuals and small to
medium size business, for they tend to be the least secure. Hackers have often stolen credentials and opened large lines of credit in the names of these vulnerable victims and gotten away with the money before anyone can detect that anything malicious has happened. Thankfully due to recently enforced guidelines, increased public awareness and the work of the open source community, security tools for the average user have expanded and it is generally a lot harder for hackers to exploit their previous target. Yet this has made cyber criminals more ambitious as they have been increasingly targeting the global financial sector, most recent of which has been the $81 million theft in February from the Bangladeshi central bank’s account at the New York Federal Reserve.
According to Reuters, hackers accomplished this by compromising SWIFT, the global financial messaging system that most institutions rely upon to encrypt and communicate sensitive data between each other. Large global players have now began to take notice and The Group of Seven (G7) industrial powers on Tuesday said they had agreed on guidelines for protecting the global financial sector from cyber attacks. Reuters describes this agreement as “a set of non-binding principles, in a three-page document” to tackle the persistent issue of cyber attacks on central banks throughout the world. Additional reports emerged that U.S. Deputy Treasury Secretary Sarah Bloom Raskin briefed the public that G7 officials had surveyed their existing cyber security practices and identified potential shortfalls, and that it was vital that institutions approach this situation from a risk management perspective.
The vastest recommendation from the guidelines reads that “maintaining trust and confidence in the financial sector significantly improves when entities and public authorities have the ability to mutually assist each other.” Such a statement reflects the importance of information sharing between world governments and their respective law enforcement agencies. While guidelines such as these alone are not likely to make an immediate impact on the issue, they highlight the level of seriousness with which nation states are taking these threats. With private web security research companies such as Symantec warning of an up tick in the sophistication and repetitiveness of these attacks, one can only hope that our financial systems and the information technology teams in charge of securing them are up to the task and given the best tools to deal with such threats.