By Henry Masasire
The advent of the Covid-19 pandemic has demanded further responses from financial institutions to cyber risks. Their already large exposure to cyber risk has been further exacerbated by the move towards more working from home (WFH) and other operational challenges. As the economy and financial system become more digitised, cyber risk is growing in importance.
By definition, cyber risk is an umbrella term encompassing a wide range of risks resulting from the failure or breach of IT systems; these risks can be classified by cause/method, actor, intent and consequence. In this new era banks are not so often robbed, because money is no longer kept only in bank vaults. With modern computer technologies and data networks, a lot of money exists in cyberspace. Banks have to adapt to modern trends of doing business electronically and at the same time protect themselves against cybercrime. In Zimbabwe almost all commercial banks have gone digital.
The banking sector’s ongoing digital transformation has caused the industry’s potential attack surface to grow, exposing organizations to increased levels of cyberthreat activity. As more businesses adopt digital banking solutions, having effective cybersecurity programs has become more important than ever before.
The Covid-19 pandemic has disrupted the whole payment system in Zimbabwe and the world over. One of the many impacts of the pandemic has been a rapid uptake of digital payments and the demise of cash, caused by social distancing measures and fears that the virus could stay for weeks on hard cash.
According to the RBZ, digital payments in the economy have grown, as witnessed by the surge in the value of digital transactions, which grew from $15 billion in January 2020 to $70 billion by the end of October 2020. In the same period, the number of point-of-sale machines in Zimbabwe grew by 7 000 to 129 000, mobile payment points increased from 29 925 to 31 801, while 800 000 new debit cards were issued. Credit cards moved from 18 000 to 327 000, and 10 000 prepaid cards were issued during the period.
The banking industry’s cyber threat landscape is characterized by the high value of financial data, and as a result cybercriminals are increasingly targeting customer banking credentials when carrying out attacks. As more banks implement mobile banking applications, new vulnerabilities for cybercriminals to target are introduced to the network. Banking apps can be exploited from both the client side and the server side, making them hard to secure or protect.
This calls for banks to be able to ensure that sensitive data is secure when it is being accessed from a customer device as well as when it is stored on bank servers.
Cybercriminals will also attempt to target banks’ third-party vendors, which may include software vendors, banking equipment vendors and customer service vendors. Vendors have access to critical banking data but often lack strict security policies, making them a prime target for threat actors. As banks increase their reliance on third parties, it is of paramount importance to continuously monitor cybersecurity. Appropriate vendor due diligence can go a long way in saving financial organizations from reputational damage and financial loss.
Prevalent cyber threats within the banking sector are continuously evolving and becoming more complex. In order for banks to stay ahead of threat actors, there is a need for an understanding of the different attack vectors used to carry out attacks. One of the trending threats to banking is malware.
Malware has long been a threat to the banking sector. By infecting vulnerable end-user devices with malware, cybercriminals are able to gain access to entire banking networks and steal critical user data.
The growth of the malware-as-a-service model, as well as fileless malware attacks, highlights the need for comprehensive security policies in the banking industry.
Another trending threat is social engineering, such as phishing. Unlike traditional hacking methods, social engineering attacks exploit human behavior to gain access to company servers. Social engineers manipulate employees into sharing login credentials or other sensitive information, which is then used to compromise the network. Phishing attacks are also frequently targeted at customers, so it is essential for banks to educate their customers about cybersecurity best practices; this can be done through a security awareness newsletter or email.
Data manipulation attacks are another trending threat to the banking sector; they occur when a threat actor gains access to a target system and makes undetected changes to data for their own personal gain. An example of this attack is when an employee modifies customer transactional data. In the banking sector, this is detrimental, as manipulated data can result in non-compliance with data standards and lead to substantial fines. – Harare