Banks battle blended threats

Banks battle blended threats

By Christine Gill

Australian banks are under pressure to take urgent action in the face of increasingly diverse cyber attacks. By Christine Gill

Despite the global economic down turn, banks and financial institutions are investing heavily in securing their IT systems. Security now stands for 6 to 8 per cent of the IT budget - that's $1 in every $15 of IT spend devoted to security - and the reason for this is clear. Cyber security attacks are becoming more frequent and more sophisticated.

The 2003 Global Security Survey of the top financial institutions by consultancy Deloitte Touche Tohmatsu found that 39 percent of the world's biggest financial services institutions have been the victim of cyber security breaches over the past year. Of those, two-thirds came from external sources. But of most concern to security officers is the need to ensure adequate ongoing funding.

Stephen Ford, director security services Deloitte Touche Tohmatsu, says there are a number of factors driving this. "Firstly, financial institutions are acting in an increasingly global world. They are taking all of their products and services out across the Internet and the intrinsic risks associated with that obviously increase as well. Secondly, the nature of the threats is changing. There are more and more hackers and the threats are becoming far more sophisticated and evolving rapidly: "So, extra expenditure is required to support the broader business base but also to keep up with these threats. For example, we are now getting things called blended threats where payloads are hidden and different mechanisms are used to get them in to an organisation," says Ford.

A former head of IT security at Macquarie bank, Reserve bank (RBA), and formerly involved in security at Westpac, Ford is an expert in the area of information security within the financial services sector: "We now have viruses which are polymorphic which means that different versions of it look quite different, and they are also metamorphic which means that as they propagate they change. So each time a virus is sent somewhere else it looks different to the original one. We are getting very, very complex payloads whereas in the past, a virus would come in and do one thing, now it comes in and it does 20 or 30 different things."

Ford says that although Australian banks had recently suffered a surge in cyber attacks in the form of hacking and viruses such as the Love Letter virus in 2000 (which helped cause an estimated $5 billion damage globally), it is the technology-based scams which are the most interesting. He says that in Australia technology-based scams have been happening in the direct criminal area in the last 6 - 12 months to draw bank customers away from legitimate bank sites.

The future is security

Overall, Australian banks emerged relatively well in most aspects of security maintenance, according to the Deloitte's survey. About 80 per cent of security officers were confident about their protection against malicious cyber attacks, but only 43 per cent were confident their back-up plans would be completely effective.

Ford says that there are encouraging signs of progress in the financial services industry worldwide to take tougher security measures, especially the increase in the number of information security officers and their relative position within organisations, (the position of chief security officer is moving up in the corporate hierarchy), as well as plans by a vast majority of these organisations to incorporate new measures such as PKI, smart cards and wireless security: "At the same time, there still seems to be a lack of clarity on the impact of multiple governance initiatives on information security and the role it will play in compliance."

Business Solution: