BoG cautions banks to guard against cyber attacks

The Bank of Ghana (BoG) is advising the country’s banks to guard against vulnerability to cyber attacks. “The growing threat of cyber attacks has never been more pressing.
Recent instances of payment fraud demonstrate the necessity for industry-wide collaboration to fight against threats,” the central bank’s Second Deputy Governor, Mr Johnson Asiamah said.
He was addressing bankers at a workshop organised in collaboration with SWIFT, the global financial transaction messaging network, on the company’s Customer Security Programme (CSP).
The CSP incorporates five strategic initiatives which are improved information sharing, enhanced SWIFT-related tools for customers, enhanced guidelines and audited frameworks, support for increased transactional pattern detection and support by third party providers.
The one-day workshop was aimed at educating SWIFT’s community of its obligation to meet mandatory security requirements and the associated qualification process at a time hackers are targeting banks.

Recent instances of payment fraud demonstrate the necessity for industry-wide collaboration to fight against threats,” the central bank’s Second Deputy Governor, Mr Johnson Asiamah said.
He was addressing bankers at a workshop organised in collaboration with SWIFT, the global financial transaction messaging network, on the company’s Customer Security Programme (CSP).
The CSP incorporates five strategic initiatives which are improved information sharing, enhanced SWIFT-related tools for customers, enhanced guidelines and audited frameworks, support for increased transactional pattern detection and support by third party providers.
The one-day workshop was aimed at educating SWIFT’s community of its obligation to meet mandatory security requirements and the associated qualification process at a time hackers are targeting banks.
Threat
Mr Asiamah observed that an attack on a financial institution could lead to financial liquidity problems for a specific institution, and in turn destabilise it. The fact that money had been stolen from it and it had lost its financial stability could, in turn, destabilise the entire financial sector and in extreme cases, result in socio-economic chaos in the entire country.
Almost a year after one of the world’s most sophisticated cyber robberies took place in Bangladesh, where hackers went into the country’s central bank and sent instructions through SWIFT to steal $81 million, the case has not been to be solved.
Using the messaging network for cross-border payments, the cyber fraudsters transferred funds from the bank’s account with the New York Federal Reserve to private accounts in Sri Lanka and the Philippines.
According to The Economist, much of the stolen funds is yet to be retrieved; the masterminds are yet to be identified, but probe into the robbery by the Bangladesh authorities and the Federal Bureau of Investigations (BNI) revealed the strikingly sophisticated and international nature of the crime.
With that attack in mind, the BoG Deputy Governor said every financial institution was responsible for reviewing its cyber defences, with an integrated view of all organisational systems and processes, in particular, information communication technology (ICT).
Basic principles
Mr Asiamah said the central bank was committed to facilitating the development of comprehensive basic principles of cyber defence to ensure the flexibility required, given the accelerated pace of change in the cyber world.
“At all time, the BoG acknowledges that each bank has its own risk evaluation profile and that each would have to make the required adjustments to its business profile and unique operation characteristics. However, the security of the industry as a whole is a shared responsibility,” he said.
He said the launch of the CSP would help improve information sharing throughout the industry and the introduction of standards that the industry could work with.
The Chief Executive of SWIFT for Europe, Middle East and Africa, Mr Leo Punt, told the Daily Graphic that the reason for the CSP was because of “the evolving threat to cyber security. We want to make sure that we establish security controls in protecting our customers and creating a level of transparency among banks connected to SWIFT.”
He described the Bangladesh attack as a watershed event for SWIFT and the financial community and exposed the level of sophistication that cyber criminals had been adopting in order to carry out attacks.
Sealing the gap
Mr Punt advised banks to look carefully at the control frameworks that have been defined and make sure that the gaps in their processes and procedures were sealed, while implementing the control tools the CSP offered.

The control tools, he said, included multi-step authentication to protect their systems, non-reliance on only passwords but also on systems that provided additional layers of protection.

Threat
Mr Asiamah observed that an attack on a financial institution could lead to financial liquidity problems for a specific institution, and in turn destabilise it. The fact that money had been stolen from it and it had lost its financial stability could, in turn, destabilise the entire financial sector and in extreme cases, result in socio-economic chaos in the entire country.
Almost a year after one of the world’s most sophisticated cyber robberies took place in Bangladesh, where hackers went into the country’s central bank and sent instructions through SWIFT to steal $81 million, the case has not been to be solved.
Using the messaging network for cross-border payments, the cyber fraudsters transferred funds from the bank’s account with the New York Federal Reserve to private accounts in Sri Lanka and the Philippines.
According to The Economist, much of the stolen funds is yet to be retrieved; the masterminds are yet to be identified, but probe into the robbery by the Bangladesh authorities and the Federal Bureau of Investigations (BNI) revealed the strikingly sophisticated and international nature of the crime.
With that attack in mind, the BoG Deputy Governor said every financial institution was responsible for reviewing its cyber defences, with an integrated view of all organisational systems and processes, in particular, information communication technology (ICT).
Basic principles
Mr Asiamah said the central bank was committed to facilitating the development of comprehensive basic principles of cyber defence to ensure the flexibility required, given the accelerated pace of change in the cyber world.
“At all time, the BoG acknowledges that each bank has its own risk evaluation profile and that each would have to make the required adjustments to its business profile and unique operation characteristics. However, the security of the industry as a whole is a shared responsibility,” he said.
He said the launch of the CSP would help improve information sharing throughout the industry and the introduction of standards that the industry could work with.
The Chief Executive of SWIFT for Europe, Middle East and Africa, Mr Leo Punt, told the Daily Graphic that the reason for the CSP was because of “the evolving threat to cyber security. We want to make sure that we establish security controls in protecting our customers and creating a level of transparency among banks connected to SWIFT.”
He described the Bangladesh attack as a watershed event for SWIFT and the financial community and exposed the level of sophistication that cyber criminals had been adopting in order to carry out attacks.
Sealing the gap
Mr Punt advised banks to look carefully at the control frameworks that have been defined and make sure that the gaps in their processes and procedures were sealed, while implementing the control tools the CSP offered.

The control tools, he said, included multi-step authentication to protect their systems, non-reliance on only passwords but also on systems that provided additional layers of protection

Comments

Post a Comment

Popular posts from this blog

Need an Auto Loan? Monday, April 2, 2012, pg 20

KOJO  wakes up at 3 a.m. everyday to avoid being caught up in the long queue at the lorry park and he wished this could be over soon. Ama is always late for work. Her excuse? Besides having to take care of her family’s needs every morning, she lives too far away from her work place and its hellish getting a car to the office. Michael has tons of bills to pay monthly, yet he is tired of boarding trotros and taxis to the office.. He has lost several important documents and even money on some occasions in the unreliable public transport. In all the above scenarios, the characters will certainly welcome their own cars; if they can afford one. But what if the costs of the cars are beyond them?  Well! That is why the banks and other financial institutions are available to help. But it is not that simple. As the demand for cars increase, some banks have developed loans mainly for the purchase of cars. So bingo! Auto loans are the answer. But who qualifies for an auto loan? Everyone who h
Read more

Spiritual healers, men of God take over billboards, Monday, September 17, 2012, pg 32

Image
SPIRITUAL healers have virtually taken over space of billboards across the country. This new trend is gradually overshadowing billboards of businesses, which used to be their preserve. From domineering larger-than-life structures through to miniature signposts, the traditional priests and priestesses, mallams and other traditional healers are competing for space with churches and the business community. Billboards advertising churches and shrines are on the increase along highways across the country, sometimes obstructing pedestrians and motorists alike. Advertisers Association of Ghana (AAG) figures estimate the minimum cost of producing a billboard at GH¢3,000 while the most priced is GH¢80,000. Proof that religion is a booming business in Ghana can be found in the increasing number of signposts and billboards advertising temples, churches and shrines promising career success, wealth, status in society, good marriages and problem-free visa acquisition, as well as booming b
Read more