DAWN.COM Logo

Today's Paper | April 27, 2024

Cyber alarm for banks

Editorial Published November 6, 2018

THE first reported cyber attack on a Pakistani financial institution has just sent alarms bells ringing across the financial sector, and the lessons must be heeded quickly. The amount lost in the attack, which was the handiwork of hackers located abroad, is small — Rs2.6m according to the bank itself — but the figure could have been much larger. More importantly, the attack exposed the vulnerability of Pakistan’s financial system to cyber attacks at a time when another similar technology-related breach was reported in the database of the Central Directorate of National Savings that holds up to Rs3.65tr in deposits from individual and institutional investors. The nature of the breach in the two cases is very different, but both have served to highlight the fact that the country’s financial system has powerful vulnerabilities that could lead to large-scale damage if not plugged properly.

In the wake of the hacking attack on the bank, it was discovered that the entire security architecture of the financial system is flawed. For example, one would expect that an attack on one institution would trigger an alert for all other institutions so that they can take preventive steps. One would also expect that the alert would be shared with the State Bank and the payment operator in a timely manner so that they can put in place the measures necessary to plug the breach, as well as protect customers. But no such system for generating alerts exists, and individual financial institutions would prefer to bury the news of an attack and cover up its impact in the hope that nobody, save for a few customers who have been affected, will find out, so that they can return to business as usual.

Given the emergence of mobile banking and the fast growth of internet banking, it is all the more important for banks and other financial institutions to focus on cyber security and have industry-wide protocols on how to react when a breach is known to occur. Biometric verification can play a role in this, as it does in mobile banking, as well as real-time monitoring of the IT systems of all financial institutions. The State Bank is leading an effort in this direction, and deserves all the cooperation from the banks. But other institutions, like CDNS and the Central Depository Corporation also need to be brought into this effort, along with brokerages. Perhaps the State Bank can sit down with the management of the Pakistan Stock Exchange and the Securities and Exchange Commission of Pakistan, along with FIA cybercrime experts and private-sector cyber activists, and lead a process to determine the full scope of protections required to safeguard the financial system from future attacks. The threat should not be taken lightly because the next attack could be far bigger.

Published in Dawn, November 6th, 2018

Read more

On DawnNews
Dawn News English
Comments (2) Closed
Omar Hussain
Nov 06, 2018 03:50pm
Watch out for our new friend Belarus.
Recommend 0
Syed Irfan Ahmed
Nov 07, 2018 12:53am
The whole of the article was well written. Though I am an avid user of mobile banking, biometric varification has never been an option. The editor may be suggesting introduction of such a tight identification system to processs the purchases through biometric sytems online, or he may pehaps be unaware of existence of such a sytem.
Recommend 0

Latest Stories

dawn images site

Most Popular

01
02
03
04
05
06
07
08
09

Must Read

Opinion

Editorial

Missing links
Updated 27 Apr, 2024

Missing links

As the past decades have shown, the country has not been made more secure by ‘disappearing’ people suspected of wrongdoing.
Freedom to report?
27 Apr, 2024

Freedom to report?

AN accountability court has barred former prime minister Imran Khan and his wife from criticising the establishment...
After Bismah
27 Apr, 2024

After Bismah

BISMAH Maroof’s contribution to Pakistan cricket extends beyond the field. The 32-year old, Pakistan’s...
Business concerns
Updated 26 Apr, 2024

Business concerns

There is no doubt that these issues are impeding a positive business clime, which is required to boost private investment and economic growth.
Musical chairs
26 Apr, 2024

Musical chairs

THE petitioners are quite helpless. Yet again, they are being expected to wait while the bench supposed to hear...
Global arms race
26 Apr, 2024

Global arms race

THE figure is staggering. According to the annual report of Sweden-based think tank Stockholm International Peace...