Australian-owned banks are dangerously exposed to cyber attacks. Earlier this month the RBA (Reserve Bank of Australia) sounded the alarm in its semi-annual financial stability review, warning that a significant cyber event had the potential for systemic implications in the banking sector and that this could all be inevitable. Aussie-owned banks are wide open to email fraud and domain impersonation. Adrian Kovich, Proofpoint Senior Director, ran the ruler over 84 banks and found that only a handful have proper domain security.
Furthermore, he said, “One of the key areas that we know is being attacked in cyber security is around email, and looking at the kind of attacks we see, the kind of attacks that put Australian businesses in danger are what we call domain impersonation. Domain impersonation involves people emailing you pretending to be somebody else.
“What we’ve found as a part of the Proofpoint study, off the back of the Reserve Bank’s warning, was that of 84 deposit-taking institutions, only a small number are in a position to be able to actually put that authentication in place, which is quite concerning given the importance of email security as a vector for attacks on organizations.”
This is far more important than spam email. Spam emails are annoying, but these are the ones where you click the link thinking it’s your bank and you’ve just opened the floodgates, and that’s just one part of that kind of attack. With banks being impersonated to the general public, customers want to know that an email that appears to come from their financial institution is actually coming from where it says it’s coming from, and not from a scammer or someone trying to steal money from them.
Additionally, banks are receiving those emails as well, and the trust between financial organizations is also very important.
Currently, Australian-owned banks are dangerously exposed to cyber attacks, but that doesn’t mean that other countries are safe.
With our whole life in the cloud now, there are risks everywhere. The RBA decided to raise the red flag this time around, and there are a number of reasons why it did so.
One in particular is that the number of cyber security attacks or incidents has increased significantly over the last number of years. There is a plethora of different actors looking to take advantage of the interconnected nature of today’s financial system. Attackers go where the money is, and these kinds of attacks have continued to be successful over the years. That’s only going to increase, so we know that that’s where the attacks are going to be.
There are varying uptakes on banks in particular, because of the financial nature of the communication and the fact that they communicate with the public as well. On our laptops there is another massive risk that maybe didn’t exist a few years ago: a lot of the ways we communicate now are electronic.
We have smartphones and can use email, browsers, etc. The way we communicate and the trust that we need to place in that channel is really important, as we communicate over that channel above everything else. So it is very important to be aware of these threats.