Ensuring banks’ cyber security

24 November, 2020 12:00 AM printer

After Bangladesh Bank cyber heist in 2016, several security measures were taken that include preparing and issuing guidelines for banks aiming at strengthening their security systems. Though some isolated incidents took place since then, the overall security system of the banking sector did not face any major adversity. But the central bank, in recent time, has made repeated warnings of a possible cyber attack mentioning that a North Korea-based hacking group has been trying to hack banks in Bangladesh and asked banks to strengthen cyber security to have hacker’s cake dough.

Following BB’s warning, many banks have taken some steps such as keeping ATM booths shut at night and putting restrictions on cards and online transactions; some of them have even suspended EMV transactions from ATMs, BEFTN transactions and SWIFT transactions. But banks, allegedly, have lacked proper tools for monitoring to thwart cyber attacks. Having an old-fashioned security system, they even do not conduct security audit regularly. According to BB guidelines, all the banks must have their systems under Security Operation Centre (SOC) so that the system can be placed under constant monitoring, but only four banks have SOCs. Besides, lacking managed switches, next-generation firewalls and email gateways put many banks at risk of cyber attack.

Banks are considered the most secure place which is why people put their hard-earned money there without any fear. Losing their credibility will leave many other problems besides just incurring financial losses. If people start saving their money at homes instead of banks, the country may face a shortage of investment that comes from banks in different ways. For years, our banking sector is facing difficulties because of irregularities such as default loans. Hence any sort of cyber attack will worsen the situation.

So, proper steps should be taken to face this challenge. Banks should get over their weaknesses in network systems by maintaining the BB guidelines properly. In particular, banks should invest more in developing skilled manpower and enhancing IT security. Besides, awareness should be created among card users so that they can be aware of sharing one-time-password (OTP) during any kind of digital transaction. All of these should be done to keep people’s faith intact, which is the only means to encourage people to bank.