www.aab.al
EXPERTS'S FORUM
Cyber security in an interconnected world Cyber security will undoubtedly continue for the foreseeable future, but the threat can be turned into a manageable nuisance if financial organizations are vigilant, maintain robust cyber defenses, and collaborate with each other, as much as possible.
Gizem TANSU, ICA
Bangladesh Bank famously became the victim of a cyberattack, that resulted in an attempted theft. While, only a fraction of the funds was stolen, the event proved a watershed moment for the financial industry. It rapidly became clear that this incident was not going to prove a single occurrence, instead, it was part of a wider and highly adaptive campaign, targeting banks around the world. In the few years, since the Bangladesh Bank incident, we have seen the cyber threat
Financial Crime Compliance Initiatives EMEA, SWIFT
T
he financial sector is arguably among the most advanced, when it comes to the use of IT and has invested heavily in IT security systems. It is also one of the most interconnected worlds — and an attractive target for cybercriminals. The World Economic Forum (WEF) has cited cyberattacks as a top global risk, for several years running. Cyber security for financial institutions in Albania is a clear and present danger, as it is for companies worldwide. Fraud and cyber threats are by no means new challenges for the financial industry. However, in recent years, we have seen threats become increasingly more organized, more sophisticated, and more global than ever before. In early 2016,
30
Bankieri
January 2020
Banks in Albania do not operate in a vacuum and are part of the wider financial ecosystem. They interact and transact with numerous counterparties, on a daily basis, so cybersecurity risks represented by their counterparties also need to be assessed.
continues to evolve, with banks now facing attacks of increasing levels of sophistication. In our industry, cyber criminals seek to corrupt the local operating environment and payment processes of financial institutions, by obtaining valid operator credentials and injecting fraudulent transactions
directly into the interface that connects to the SWIFT network. Cyber criminals are skilled and determined, can breach networks in minutes and then evade detection for months. Once fraudulent payments have been sent, attackers will typically cover their tracks, hiding evidence of their actions. Using various tools and techniques, they delete or manipulate records and deliberately corrupt systems to confuse forensic experts. The longer it takes a bank to notice it has been attacked the better chance the criminals have of cashing funds out of the system completely. Since the Bangladesh Bank incident, banks have devoted significant resources to strengthening their defenses. But as the industry steps up its defenses, cyber criminals change their tactics. Initially, they would issue fraudulent payments, outside business hours to avoid detection, but have more recently turned this approach on its head, acting during business hours to blend in with legitimate traffic. Increasingly, criminals are also using new payment corridors and have started using European currencies in fraud attempts, in addition to the US dollar. These new tactics make it more difficult for banks to spot anomalous transactions. However, there are tools, that Albanian banks can put in place, to help them check that their transactions are indeed legitimate. Anti-fraud tools help detection, by analyzing data and looking for
