Challange with Security events reporting

There are series of Security incidents which have been reported in last few months pertaining to financial institutions. Such news items do create sensation and bring deserve publicity for need for better Cyber security controls.

 

 

http://www.theage.com.au/business/banking-and-finance/hackers-typo-botches-1-billion-bank-heist-20160311-gngg0s.html

 

However on other hand as a person looking to deep dive I do not find complete story behind the incident – Here for example what we are reading in case of Bangladesh is quite high level. I hope there is publication detailed incident providing answers to what application were these folks in Bangladesh Central bank accessing, was it direct swift terminals access (god help with individual level controls) or some fancy web application as a front which got hacked. I have strong doubts if 2FA was part of the controls.

 

Unfortunately we never get to read the complete story – Sharjah bank ransom demand was another classic incident, which could be new normal in hacking.

 

http://www.dailydot.com/politics/invest-bank-hacker-buba/

 

 

What’s the learning for us – At times we presume a system/network to be secure simply its used world-wide and looks uninviting from Security risk perspective. Hackers do not comprise only of techies but are bunch of people with diverse background, intelligence and skillset. Such incidents need to be analysed in details by financial service companies to get better grip of their own environment and appreciate what concerns are relevant for them to manage.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s