Editorial | Cybercrime and banks
With reports of cybercriminals targeting local bank networks, customers are understandably feeling vulnerable that they, too, might become targets in the future.
Cybercrime, to include online banking, is complicated. There are three critical groups to consider when examining cybercrime – organised criminals, victims, and those who seek to deter those criminals.
Online technologies have given birth to a new generation of fraudsters who have become experts at breaking into people’s accounts and illegally removing their money for their own benefit. It is happening all over the world despite the fact that some institutions have ramped up cybersecurity spending to keep these criminals at bay. It is estimated that breaches against banks have increased by 300 per cent since 2014, costing the industry some $1 trillion.
With the onset of the COVID-19 pandemic, many financial institutions accelerated their use of alternate platforms on which customers could conduct business in order to eliminate face-to-face interaction because of lock-down measures. By employing technology, the banking sector aims to be more efficient. Unfortunately, it is these same platforms that criminals are using to commit a litany of fraudulent actions, involving credit card scams, blackmail, and other illegal activities such as personal attacks.
Acute damage can be done to an economy by cybercriminals because they threaten the safety and security of the country. Not only do they develop methods to steal money, they also gain access to vital business information, which they can use to interrupt commercial activity. One of the looming threats is that people might take their money overseas if they get the sense that their funds are not safe in local banks. Besides, the monetary losses from these crimes are borne by customers and the banks, whose credit ratings and reputations could be shredded.
The Bank of Jamaica (BOJ), the country’s central bank, is itself not immune to these attacks. There are documented examples of central banks being hacked and millions of dollars siphoned off by hackers who can be anywhere from Bangladesh to Vietnam. Therefore, the BOJ has an overriding interest in ensuring that banks prioritise cybersecurity using risk mitigation strategies and techniques.
We believe banks ought to see it as their responsibility to minimise the exposure of their customers to cybercrime. There is also an urgent need for banks to invest more of their enormous profits in customer care machinery. First, banks need to identify digitally vulnerable customers. Then, tech-savvy customer service personnel should be available to educate customers to lurking dangers and to help them understand how to protect critical information when doing business online. This care must include methods of authentication, identification and verification.
What about law enforcement? The existing crime-fighting strategies of the Jamaica Constabulary Force, as they relate to investigation and evidence-gathering, are determined to be very weak, so much so that citizens have poor confidence in the ability of the police to identify, arrest and secure successful prosecutions, even for the most basic crimes.
Against that background, how much can be expected from them in fighting cybercrimes? How can the police get ahead of these criminals? To fight this monster in our midst will require additional technical expertise and manpower.
And, as cybercrime explodes here and around the globe, our tertiary institutions should recognise new opportunities for training in digital forensics by offering certificates and/or degree programmes in this discipline. Experts advise that computer security, audit control and data integrity will help to build secure systems in industry and the entire community.
Crimes in the banking industry are on the increase and institutions in the Third World will be hard-pressed to bolster their defences in the current climate. This crime of modern times demands that individuals like companies and organisations move urgently to protect themselves.