From Internal Rogue Players to External Hackers; New Bank Cyber Security Era Requires Changing Customer Behavior

In Financial Services, managing other people’s money (OPM) often results in fraud and greed in the news headlines. Until recently, it was common to read of data breaches caused internally by rogue staff, hackers stealing data through phishing, keylogger, MiTB and other malware or DDoS attacks disrupting business operations for years.

Until this summer, rogue trading occupied the spotlight with the likes of Société Générale’s Jérôme Kerviel who used the bank’s computers to make unauthorized trades resulting in losses close to $7 Billion. And this year, employees at Barclays Bank’s defunct financial planning business department were caught selling client lists with their personal identity information to third-party rogue traders.

This fall the Financial Services Industry’s security focus has shifted from internal to external security as data compromised in the latest JPMorgan Chase breach affected both consumers as well as businesses. The motive for the breach is still being investigated with total number of records more than 80MM thus far.

These global banks with multiple divisions from institutional securities trading, private wealth management, merchant, small business and retail banking must abide by international trade laws, regulations and compliance requirements to engage in cross-border business. They need to spend millions upon millions for competitive and secure networks, external market intelligence and digital surveillance technologies to protect assets, their brand and maintain high ranking positions in the markets. But as the recent JPMC breach reminds us, these “too big to fail” institutions are also too big to secure, and this is primarily due to the “silo” approach to building their networks, implemented by geographical region and by department, where often front office trading investment outweighs that in middle office reporting or back office administration.

Evolution of Financial Malware TimelineMalicious financial malware has been around for decades. Yet, the new attacks on JPMC and others like Citibank, who recently stated a cyberwar has begun on financial services, alone receive up to a detected (keyword ‘detected’) 10MM attacks per month. Reports like Neustar Financial Services Brief  state that both DDoS and phishing attacks are increasing on banks in 2014. This rise proves that cyber criminals are working hard to penetrate institutions’ defenses from every direction. And these attack strategies are quite sophisticated in determining all the entry points, from scamming customer or third-party vendors directly to infiltrating the network servers to obtain intellectual property and sensitive contractual renewal or other enterprise or small business data.

During times of crisis, there is much finger-pointing from banks board members and shareholders, and fromgovernment or law/policy-makers, as to who should take accountability for losses and what needs changing systematically. Unfortunately cyber criminals and cyber warfare will not wait for these arguments and investigations to settle into strategy.

And the finger-pointing doesn’t stop within just the Financial Services Industry. Retail is another example of an industry under cyber attack, with participants fighting among each other over cost recovery and accountability. Consider the cost of a Retail breach to Banks that are required to re-issue millions of credit cards. And consumers suffer because Banks as well as Retailers recuperate some of the costs from their customers through increased interest rates and transaction fees. See infographic on how consumers foot the bill of a breach.

Both Retailers and Banks have a common strong ally in this war against cyber crime and that’s their shared customers. This year both Financial Services and Retail/Hospitality big names have been breached largely due to customer apathy to take action and further educate and arm themselves with better defenses. After all, most customers believe they are inconvenienced through discovery of breaches, and the need to monitor and manage any fraudulent activities, despite for the most part being reimbursed of any theft resulting. Retailers and Banks post-breach do everything they can to maintain customer loyalty so the customer is no wiser in understanding they too are a soldier in this cyber war, and often pay hidden costs as a result.

As both Retailers and Banks recover some breach costs from customers, they also are engaged in prevention measures to focus on ways to persuade their common ally, the customer, to participate in online banking and eCommerce transactions in a more secure manner.

Wontok™ SafeCentral is Secure by Design™. Using its patented TSX technology, Wontok SafeCentral malware prevention solutions secure all endpoints whether employees, customers or third-party vendors on a PC, Mac device, Point-of-Sale Systems and ATMs and creates a secure containerized environment which renders malware inoperable on the operating system level. Only by assuming endpoints are infected can you provide the level of protection needed in today’s cyber crime filled world. Adding additional layers of effective protection to existing endpoint anti-malware solutions is the best way to prevent cyber theft. The most cost-effective method of defeating account takeover malware is the deployment of a competent endpoint solution that is impervious to advanced malware.  View RSA Conference l Where the World Talks Security: Adam Tegg, CEO, Wontok explain ‘Why Target Breach was Preventable.’

Banks and Retailers need innovative ways to help customers facilitate behavioral change, educate and adopt good social cyber security loyalty upfront in the transaction life-cycle by creating incentives for adopting additional endpoint security measures. Wontok SafeCentral allows Banks to know when a customer is logged on through its secure browser session technology. For every time a customer uses the new secured payment behavior, Banks for example could provide customer bonus or rewards points.

Changing behavior is never easy but never more than today has the world been more inter-connected through the advent of new digital services as we enter the ‘Internet of Everything’ era. By all of us being connected in the cybersphere, we each have a responsibility to play in keeping not only our own personal identity information and accounts secure but potentially those of our co-workers, our communities and our possibly even our countries secure, in the guise of utilities and transportation.


“Taking pre-breach forward-looking measures to protecting all endpoints to banking or merchant eCommerce networks for example won’t stop the war,” states Adam Tegg, CEO, Wontok, “But it will allow better defenses to at least one of the many backdoors and tactics cyber criminals use to breach us or our institutions.”


Posted in Articles and tagged , , , , , , , , , , , , , , , , , , , , .