ExpeditionFinance September 15, 2020

“We are facing a completely new type of cyber attack”

The damage is enormous: more than 100 billion euros is what sabotage, espionage and data theft cost the German economy every year according to a study by the German digital association Bitkom in 2019. The study includes financial damage resulting from attacks that were both digital and analogue in nature. And it also shows that the number of attacks has almost doubled since 2017.

Teresa Ritter, one of the authors of the study, says that cyber attacks in particular are becoming increasingly sophisticated and attackers are morphing into something really quite dangerous. In the interview she talks about what makes a bank such an appealing target and how catastrophic a successful attack would be, and she shares her advice for financial institutions.

Ms Ritter, what kind of damage do cyber attacks cause?

Ritter: Cyber attacks inflict very different types of damage. Attackers often try to steal sensitive information about products. If counterfeit versions (fakes) then appear on the market, the companies affected run the risk of losing sales. Then there are hackers who steal client data, which can cause huge reputational damage and a loss of trust. This, too, generally sends revenues tumbling.

However, it is very difficult to calculate precisely what proportion of the decline in turnover can actually be attributed to a cyber attack. Attacks on financial institutions are mainly with the intention of stealing money or sensitive client data.

What form does such a cyber attack typically take?

Basically there is a series of different types of attack that can be observed again and again. A frequently used type of attack is a Distributed Denial-of-Service (DDoS) attack, in which the target’s website is crashed. This works because the infrastructure behind websites only has a limited capacity. This means that only a limited number of people per hour can access a website and that it crashes if too many people try to open the page at the same time. Attackers exploit this by suddenly sending multiple requests to the website they are targeting. This results, for example, in the capacity of an online banking provider being overwhelmed and the site becomes temporarily unavailable. In such cases clients are no longer able to use their online banking facilities. By perpetrating a DDoS attack, the attacker dents the customer’s faith in their provider causing reputational damage that can do enormous harm to the bank.

How have attacks and attackers changed over time?

Whereas the perpetrators of most attacks tended to be amateur hackers, nowadays companies are being confronted by professional gangs who obtain money from organised crime, for example. In some cases foreign intelligence services are behind the attacks. Often the aim is to gain a competitive advantage for one’s own economy by spying on highly specialised firms, for instance. This means that we are facing a completely new type of cyber attack. The attackers take much more time and observe the behavioural patterns in companies before conducting an attack. Whereas the attacks tended to previously take place outside opening hours, nowadays hackers join in with the normal data traffic and attack during opening hours. Attacks can thus remain undetected for quite a long time.

What should banks do to arm themselves?

This is a huge challenge. The only way is to take a variety of measures: companies have to upgrade their technology, devise contingency plans and focus more attention on their staff. Regular IT security training is a fundamental part of taking the right precautions. Firewalls and virus scanners have long been insufficient. Technical solutions should be implemented that can detect small changes to a company’s normal data traffic and promptly raise the alarm. Artificial intelligence can help here to provide early warning of these new and sophisticated attacks and to take countermeasures.

According to a report by the management consultancy EY, banks’ risk managers considered cyber risks to be their main challenge last year despite sustained low interest rates and an uncertain geopolitical situation. Rightly so?

Banks are an extremely attractive target for hackers. The potential pickings they offer are large amounts of money and sensitive client data. This also means that the company is exposed to a sizeable risk. Besides the huge loss of trust that can be the consequence of just one solitary successful attack, public safety is put at risk by attacks on banks. The worst case scenario would undoubtedly be an attack on our big banks that paralyses all systems, thereby interrupting the usual flow of money. If people can suddenly no longer withdraw cash or do online banking, then chaos would break out sooner or later and social cohesion would be put at risk.

How well prepared do you think banks are to repel such devastating attacks?

Particularly because the risk for banks is so high and the disruption or destruction of their IT infrastructure would have major repercussions for our society, the financial and insurance sectors are designated as parts of the critical infrastructure. That is why they are subject to particularly stringent regulation, whose main aim is to bolster the resilience of banks.

I believe that this regulation is a good one and makes sense. However, the challenges in the fight against cyber crime are changing faster than ever. That is why it is so important that banks and the legislature keep pace.
