“Banking System Cyberattack”
By Scott Hamilton
It was June 6, 2023, when Emil Sayegh published an article titled, “Potential For Devastation: The Impact of a Cyberattack on the Banking System.” Sayegh outlines several potential risks causing big uncertainties across the banking industry. The fears of cyberattacks cause some seemingly unrelated issues for banks in general. As soon as bank customers get wind of a potential security threat they have a tendency to make a run on the bank.
It is precisely this that started the collapse of Silicon Valley Bank around this time last year. SVB’s collapse struck fear into both banks and customers in regards to the financial security of banks in general. The threat of cyberattacks just adds to the worry for many.
There is no need to worry too much though, because all the banks are well aware of the threats and take network security very seriously. However, this does not mean that it is not possible for banks to fall prey to cyberattacks. In fact it was in Russia’s plans as they prepared to invade Ukraine; their primary target was the banking systems.
You might think you are safe from cyberattack if you don’t use online banking, online bill pay services or direct deposit of your payroll, but we are all subject to cyberattack, regardless of our background, occupation or knowledge. Every business is likely to be a victim at some point as a majority of businesses rely directly on the Internet for running payment processing systems, payroll, bookkeeping and inventory.
Today’s cybercriminals are developing more tools and learning more of the inner workings of major computing systems. The cloud has caused a unification of sorts in how businesses, including banks, store customer information. This unification makes it far easier for criminals to access and decipher the private information. This means that businesses must become more proactive in protecting their private resources.
I am sure you have noticed that even the smaller banks and businesses have made it much more difficult for us as customers to access our accounts. Many of us now have to not only enter our username, password and “prove we are not a robot,” but also enter a code sent to our phone or e-mail. This is called multi-factor authentication and it basically means that we must provide more than one proof that we are who we claim to be. This usually means that we have access to more than one account, or device. The more hoops we have to jump through to access our accounts, the harder it becomes for a cybercriminal to access our accounts.
I found it both scary and interesting that almost exactly one year after Sayegh’s article was released, we saw a dramatic increase in cybercriminal activity against the banking system. The latest of these was a massive surge in denial of service attacks last month. Basically what this means is that hackers flooded the banking system with an overwhelming number of requests, causing massive system failures.
There has also been a massive increase in the number of malicious cell-phone apps designed to steal banking information in the last month. Google released a statement on May 28, 2024, warning users to update their anti-virus and anti-malware applications as they located and blocked more than 90 applications with a total of 5.5 million downloads this month from Google Play because of suspected identity theft. A majority of these malicious applications install a piece of malware known as the Anatsa banking Trojan which is designed to monitor your device and steal passwords to banking systems.
I’m not writing this to scare you, but to give you fair warning that the Internet is not a safe place. Even if you are using safe sources like Google Play for installing your favorite games, there is no promise that the game is safe. The only way to be sure is to rely on a trusted anti-virus or anti-malware application. I personally utilize AVG, but only because their free product version offers a reasonable amount of protection; pretty much any trustworthy anti-virus software will work. If you need help finding the right one, you can check out my website at www.techshepherd.org. Until next week stay safe and learn something new.