Today, cyber attacks are without exaggeration the bane of modern society, which is diving ever deeper into the digital dimension. In the World Economic Forum’s Global Risks Report 2018, this threat is ranked as the third most likely global risk (followed by data fraud or theft, which were ranked fourth) and the sixth in terms of impact. Such an assessment implies the need of large-scale investment in cyber security (in particular in the financial sector) and international partnership that will allow accumulating resources for effectively tackling this threat.
In financing, the IT-security issue plays a special role – potential damage here is calculated in millions of dollars, banks thus presenting a very seductive target for fraudsters. Further, as stated in the IMF working paper Cyber Risk for the Financial Sector: A Framework for Quantitative Assessment, this sector possesses a number of features making it particularly vulnerable. These include, among other things, very high interconnection of networks providing the basis for banking system functioning, as well as use of the so-called legacy systems in many institutions – systems that no longer meet the current needs but are still in operation due to the difficulties related to replacing them as their design does not provide for the possibility of their restructuring.
In its turn, technology is moving forward: innovations in tap-and-go payments have contributed to a remarkable decrease in security concerns around contactless fraud. Across Europe, this decline amounted to 24 percent, with the confidence boost being the highest in the Netherlands, Spain and Great Britain, where the concern level dropped by 41, 33 and 31% respectively, notes Paolo Battiston, Executive Vice President Digital Payments & Labs Europe at Mastercard.
It is worth paying attention to a number of technological solutions that are considered especially efficacious when it comes to protecting financial institutions from outside cyber attacks. In particular, these include next-generation firewalls, or NGFWs, that represent integrated network security platforms where traditional firewalls are combined with alternative security solutions for traffic filtering – Deep Packet Inspection (DPI) systems, Intrusion Prevention Systems (IPS) and others.
On the other hand, the ‘pink glasses’ risk persists – unreasonably optimistic view of financial sector security. “The threat is real both in Russia and in the world in general”, emphasizes Vyacheslav Kasimov, Director for Information Security at Credit Bank of Moscow. “This is confirmed by what we see in the news as well as by our own statistics. Attacks on banks have not become less frequent. The upward trend in the number of attacks remains in place”. Besides, he notes, real capabilities of criminals significantly outperform the response of financial organizations in terms of efficiency. To stop at today’s level of security would therefore actually mean to sign one’s own death warrant.
Another way to enhance the finance industry resistance to cyber threats, alongside with direct investment, is international cooperation and exchange of know-how. Experience of finance service companies in the West in data security and fraud prevention, for example, could be successfully scaled in Russian realities. Today, Russian banks, including CBOM, are developing their own software having all necessary functions – this soft is mostly designed for monitoring and fraud detection. Meanwhile, the technologies that are widely used abroad may also appear a great asset: “An opinion that basic rules worked out on the basis of international companies’ experience can find no application in Russia is erroneous. We are speaking of high-quality instruments one just needs to be capable of using”, believes Vyacheslav Kasimov.
In choosing technologies for fraud prevention (including in the financial sector), one always needs to bear in mind that the assault techniques applied by cyber criminals are continuously improved. For instance, despite the use of endpoint protection solutions (EPP), many companies still fall prey to compromise. A really up-to-date endpoint protection has to be adaptive to the ever-changing threat landscape and shall include features that make it possible to detect complex attacks targeted at endpoints, as well as be able to promptly respond to incidents recorded – the tasks assigned to EDR (Endpoint Detection and Response) technologies. In several banks in Russia, the EDR-solution is currently being used in test mode, and the chances are high that it will be soon fully adopted as an efficient means of thwarting cyber attacks.
In the light of consistent evolution of the tools used by cyber fraudsters, technological upgrading of financial institutions becomes increasingly more costly. At the same time, there is much more at stake here, too. According to the 2017 Cost of Cyber Crime study undertaken jointly by the Ponemon Institute and Accenture, it is companies in financial services where the cost of cyber crime is the highest. Cutting back on security is a thankless job, any investments thus being quite justified (UK Finance, a trade association for the UK banking and financial services sector, states that investments in advanced security in the finance industry prevented £984.9 million in attempted unauthorized card fraud last year), whereas international cooperation, given the global nature of cyber threats, should contribute to the widest possible spread and application of solutions developed.