Cyberfraud is being adopted by organised crime, but also by countries such as North Korea who were behind the Sony hack. Earlier this month, the New York Times alleged in a progress report on cyberfraud that, according to The Guardian, “North Korean hackers nearly pulled off the greatest bank heist in history. They were within a keystroke of nicking a billion dollars from the New York Federal Reserve and were stopped only by a spelling mistake: a bogus withdrawal request misspelled “foundation” as “fandation”. Even so, they got away with $81m.” Is there any way we can protect ourselves, our company?
Why bother - because individually and collectively we have no choice. Fraud prevention disciplins protect against anyone, but the fraud prevention has to be water tight everywhere. Just ask any of the banks, e.g. J.P. Morgan; the consultancies, e.g. Deloittes; and any of the large companies, e.g. ABB, etc. about the little things that provided the door into their company/organisation. However, there is no respite, you just have to have the disciplins, the best practices, and the technologies to stop cyberfraud. Also remember that it could be your competitors that are attacking you.
There many lists of what to do to prevent cyberfraud attacks - best practices, what technology to use, etc. However, it is the overall combination that counts, not just any one technology or best practice.
Recent innovative developments in cyberfraud prevention included using:
- Synack, a company which hires real hackers from 50 different countries and task them with breaking into corporate systems to expose their vulnerabilities.
- SWIFT’s expanded Name Screening service to enable smaller firms and institutions in emerging markets to screen customer databases against sanctions and Politically Exposed Persons (PEP) lists to prevent financial crime
- Biometric authentication of online platform PC users, e.g. BofA Merrill’s partnership with Intel
- Citi Quick Lock to quickly and easily lock their debit or credit cards online or via its mobile app if a card is misplaced
- Token numbers in payments rather that real debit or credit card numbers.
What to read
The SWIFT Institute recently published three new working papers, each aiming to contribute towards the establishment of better cyber defences for the financial industry:
- “Forces Shaping the Cyber Threat Landscape for Financial Institutions” by William A. Carter
- “The Cyber Security Ecosystem: Defining a Taxonomy of Existing, Emerging and Future Cyber Threats” , by Dr Jason Ferdinand with Richard Benham
- “Sharing Insider Threat Indicators: Examining the Potential Use of SWIFT’s Messaging Platform to Combat Cyber Fraud”, by Elizabeth M. Petrie and Casey D. Evans.
And our list: Minimise your fraud: use these Cybersecurity tips & ideas from THE experts.
Cyberfraud - it will be your fault. Protect yourself
Who is responsible: IT? Internal audit? Corporate treasury? Accounts payable? Government? Global regulators?
Cyber fraud prevention - the vital questions for your board
UK’s NCA Strategic Cyber Industry Group concluded: “Perfect security is almost impossible”, so your board better have appropriate answers to these questions or are you already in big trouble?
Latest tips and services for preventing cyberfraud
Dangers of social media, AML best practices, avoid ransomware and enhancing qualification capabilities online