Banking system needs world-class cyber security
Sarwar Md. Saifullah Khaled | Published:
March 30, 2016 19:47:38
October 21, 2017 18:35:05
Bangladesh has some US$28 billion in foreign currency reserves. A comical typo saved Bangladesh's central bank from losing as much as US$1.0 billion to hackers. But of the US$101 million stolen, US$81 million is yet to be found. Now the Bangladesh Bank (BB) is in turmoil. Its governor has resigned and a new governor has been appointed. Some top officials have been removed. The US Federal Bureau of Investigation (FBI) is assisting the Bangladesh authorities amid suggestion of involvement of insiders for the theft. Central banks in the developing world, with a lot of money but not as much digital fortification, are especially at risk.
Meanwhile, leading bankers have urged the new BB governor to install world-class security infrastructure in the country's banking sector. They made the suggestion when a delegation of the Association of Bankers, Bangladesh (ABB) called on the governor of the central bank on March 21, 2016.
Following the meeting, a BB spokesman briefed newsmen about the proceedings of the courtesy meeting. The bankers urged the new governor to take measures to enhance cyber security of the central bank in particular and the whole banking system of the country in general. They said some of the private banks have already installed world-class cyber security system.
Surprisingly enough, the officials of the Bangladesh Bank had kept the news of the cyber heist quiet for more than a month. After such a heist, preventing hackers from moving the money required global co-operation. The thieves in this case laundered much of the cash in the Philippines where casinos are exempted from otherwise strict anti-money-laundering requirements. The heist has also shown that even the Society for Worldwide Interbank Financial Telecommunication (SWIFT) messaging system is not 100 per cent secure too. Brussels-based SWIFT, a co-operative owned by some 3,000 global financial institutions, could advise its members to follow certain minimum security standards. According to IT experts, there is no organisation with regulatory oversight of how central banks and other financial institutions secure their networks. The puzzling episode of the heist in the Bangladesh Bank should serve as a wake-up call for the global financial organisations.
The SWIFT provides separate secret code to its members for operation of the system. The CEO of SWIFT in a letter has cautioned its Bangladeshi users about invasion of malware and asked them to take all sorts of protection to prevent malware attack.
According to a Kaspersky Lab report in April 2015, from a quarter to more than half of the organisations in the region have said they faced viruses and other malware, phishing and software vulnerabilities last year. Despite the irreversibly speeding up of technology, the fact remains that even the most secure IT installations in the world are not always beyond a breach.
The writer is a retired Professor of Economics, BCS General Education Cadre.