In quick succession, Facebook, the UK Conservative Party and British Airways have suffered aggressive cyber-attacks.
- Facebook saw 50 million user accounts affected, with attackers able to take over users’ accounts.
- The Tory Party suffered embarrassment when their official conference mobile phone app made the private data of senior party members accessible to anyone able to second guess just one attendee’s email address.
- Last month, hackers stole the personal and financial details of more than 350,000 people who had booked British Airways flights on the ba.com website and the British Airways app.
The terms cyber-attack and data breach are often used interchangeably, and sometimes mistakenly, but they cover a multitude of sins, with cyber-criminals constantly looking for new ways to breach cyber-security.
At Crisis Solutions, working as we do with the financial sector, it’s our job to keep across these trends and deliver crisis simulations that reflect current hacking activity.
Facebook may look foolish for not securing client data, but so far no one appears to have lost money. The same can’t be said for the financial sector.
It wasn’t widely reported in the UK, but over the summer cyber-criminals hacked the systems of India’s Cosmos Bank and siphoned off nearly 944 million rupees ($13.5m) through simultaneous withdrawals across twenty-eight countries. Their method was inventive. Hackers planted malware in the bank’s ATM server and withdrew 805 million rupees in 14,849 transactions in just over two hours.
Apart from the ATM withdrawals, the hackers also transferred 139 million rupees to a Hong Kong-based company’s account by issuing three unauthorised transactions over the SWIFT global payments network.
Cosmos Bank said in a press statement that its main banking software receives debit card payment requests via a switching system. This was bypassed during the attack with the hackers planting a proxy switching system that allowed the fraudulent transactions to proceed.
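A proxy switch that approves withdrawals the core banking system never saw leaves two traces a defender can check for: switch approvals with no matching core authorisation, and approvals fanning out across many countries in a short window. The reconciliation below is an added illustration of those two checks and is not code from Cosmos Bank or Crisis Solutions; the transaction records, field names and thresholds are constructed for the example.

```python
from datetime import datetime, timedelta

# Constructed sample records: withdrawals the ATM switch reported as approved.
SWITCH_APPROVALS = [
    {"txn_id": "S1", "card": "4111****0001", "amount": 20000, "country": "IN",
     "ts": datetime(2018, 8, 11, 15, 0)},
    {"txn_id": "S2", "card": "4111****0001", "amount": 20000, "country": "CA",
     "ts": datetime(2018, 8, 11, 15, 1)},
    {"txn_id": "S3", "card": "4111****0002", "amount": 15000, "country": "HK",
     "ts": datetime(2018, 8, 11, 15, 2)},
    {"txn_id": "S4", "card": "4111****0003", "amount": 5000, "country": "IN",
     "ts": datetime(2018, 8, 11, 18, 30)},
]

# Constructed: transaction ids the core banking system itself authorised.
# S2 and S3 were approved at the switch only, which is the trace a proxy
# switch leaves behind.
CORE_AUTHS = {"S1", "S4"}


def unreconciled(switch_approvals, core_auths):
    """Return switch-approved withdrawals that the core never authorised."""
    return [t for t in switch_approvals if t["txn_id"] not in core_auths]


def fanout_alerts(transactions, window=timedelta(minutes=10), max_countries=2):
    """Flag any window in which approvals span more than max_countries countries.

    Each transaction opens a window; the set of countries seen from it until
    `window` has elapsed is compared against the threshold. Legitimate ATM
    traffic for a regional bank rarely fans out across many countries at once.
    """
    txns = sorted(transactions, key=lambda t: t["ts"])
    alerts = []
    for i, start in enumerate(txns):
        in_window = [t for t in txns[i:] if t["ts"] - start["ts"] <= window]
        countries = {t["country"] for t in in_window}
        if len(countries) > max_countries:
            alerts.append((start["ts"], sorted(countries)))
    return alerts


if __name__ == "__main__":
    for t in unreconciled(SWITCH_APPROVALS, CORE_AUTHS):
        print("no core authorisation:", t["txn_id"], t["country"], t["amount"])
    for ts, countries in fanout_alerts(SWITCH_APPROVALS):
        print("country fan-out from", ts, ":", countries)
```

In a real deployment the switch and core records would be pulled from their respective logs or databases and the reconciliation run continuously, since the Cosmos Bank withdrawals completed in just over two hours.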
Commenting, Nikhil Bedi, a partner at Deloitte India, made this pertinent remark: “While there is growing awareness to regularly update an organisation’s cyber preparedness and defence mechanisms, a large number of institutions wake up to this reality only post an incident which often leads to a loss of reputation and/or financial misappropriation”.
A crisis simulation exercise makes sure that doesn’t happen and allows those who take part to learn from a simulated cyber-attack rather than learning on the job during the real thing.
But as the Cosmos Bank example indicates, cyber-attacks are a constantly shifting threat with hackers finding new and ingenious ways to circumvent IT security.
To mitigate these threats, crisis management plans and cyber playbooks must be kept up to date and tested during simulation exercises. There’s little point in using old plans or re-running a cyber scenario that’s past its sell-by date. It would be foolish to keep fighting yesterday’s battles today.