In the US, cyber-attacks against the financial sector surged by 238% between February and April this year, the peak period when the Covid-19 pandemic was fast spreading across the country and stay-at-home orders were implemented.
“At an alarming rate, transnational organised crime groups are leveraging on specialist providers of cybercrime tools and services to conduct a wide range of crimes against financial institutions …criminals are increasingly sharing resources and information and reinvesting their illicit profits for the development of new, even-more destructive capabilities,” said Tom Kellerman, head of cybersecurity at VMware Inc, during his testimony to the US House Financial Services Subcommittee on National Security, International Development and Monetary Policy in June.
In July, the US Federal Bureau of Investigation (FBI) warned of a heightened risk of cyber-attacks as more US consumers embraced digital banking. This is a reminder that mobile banking providers and financial institutions must protect their clients from malicious apps as the agency anticipates more cyber actors to exploit mobile banking platforms. Malicious apps were being embedded inside third-party software, and banking trojans can appear to be legitimate login pages.
“Banking and trust are synonymous, whether you are an incumbent bank or a digital challenger bank; one simply cannot exist without the other. As we live our lives and transact digitally, we leave a huge digital footprint. Banks will have the added responsibility of managing, protecting and using our data to ensure they are always in the consumer’s best interest.
“Greater digital adoption needs to go hand in hand with increased investments in cybersecurity and fraud-protection tools. For instance, during the [early days of the] Covid-19 pandemic, wealth managers were quick to adopt digital front-end tools and they upgraded to more advanced cybersecurity systems to limit fraud and make digital onboarding and digital signatures more secure,” says Audrey Yap, managing director for financial services at Accenture Malaysia.
Abrar A Anwar, managing director and CEO of Standard Chartered Malaysia, says it is critical for banks to keep investing in cybersecurity solutions. “According to the Communications and Multimedia Ministry, there was a 90% increase in cybercrime complaints during the Movement Control Order (MCO). Banks are investing energy, time and capital in creating solutions that have proactive detection and response capabilities such as threat hunting and post-breach analytics to minimise detection and remediation time.”
Standard Chartered’s Collective Intelligence and Command Centre uses digital technology to provide reliable and secure banking services. According to Abrar, the centre is the largest dedicated information and cybersecurity facility in the private sector in the country.
“Our top cybersecurity experts, software engineers, operations specialists and service partners, of which 85% are Malaysians, are physically located here. Together, they collaborate to develop strategies to predict, prevent and proactively improve our banking services,” he adds.
Standard Chartered also collaborates with CyberSecurity Malaysia, the national cyber security specialist and technical centre under the purview of the Ministry of Communications and Multimedia Malaysia, to exchange knowledge, practical skills and cybersecurity best practices.
Domenic Fuda, group managing director and CEO of Hong Leong Bank, highlights the need for ongoing customer education. “As consumers increasingly transact on digital platforms, whether banking, e-wallets or e-commerce, cybersecurity, especially in financial cybersecurity, will continue to be a key focus. Sophisticated and advanced security and compliance solutions must be used to protect our customers. In addition, we believe that on-going customer education and awareness on cybersecurity will be important to help customers not only protect themselves but empower them to be more digital-space-savvy,” says Fuda.