Week 5 - “Cyber security is the most prevalent IT risk for banks”

KPMG had shown on their recent survey that the cyber security has the highest among other threats and risks, especially for the bank.

There were three major cyber security breach in 2015 and 2016 on 3 foreign banks that caused a huge financial lost about $100 millions.  The breaches were focus mainly on exploiting the weaknesses of the digital infrastructure of the bank that connect the banks to the global SWIFT network.

The first bank was the the Ecuadorian Banco del Austro.  It lost about $12 millions.  The second bank was the Vietnam’s Tien Phong Bank.  In this case, the hackers used fraudulent SWIFT messages to transfer more than EUR 1 million from TP Bank.  The third bank had the biggest financial lost, which was the Bangladesh Central Bank, the hacker was trying to transfer $850 million and then SWIFT detected a spelling error on the recipient name but $101 million were already transferred to the hacker account successfully.

The incidents had raised my concern and question that the foreign banks might not follow the same national security standards?  Why the security system did not raise any alert when a big amount of money was transferred?  The system should check for three main things such as:

1.    Is it during business hours?

2.    Is it under the money limitation for wired transfer?

3.    Who and where is the recipience?

 

What I was thinking is either the banks did not follow the international security standard and their security system has security holes or their security team was weak and short of knowledge on setup security issue. 

 

I would think the foreign banks should spend $1 million or even more to consult security experts from other countries to help them setting up a strong security policies and security systems or losing $100 million. 

 

Preference:

KPMG’s European Central Bank Office.  Cyber security is the most prevalent IT risk for banks.  (September 6, 2016).  Retrieved from https://home.kpmg.com/bh/en/home/insights/2016/09/cyber-security-most-prevalent-it-risk-fs.html