War ignites cyber attacks on banks

Companies, states, NGOs, and citizens themselves fear cybercrime. But one of the business sectors most concerned and sensitive to computer attacks is the banking sector. They are the target of cybercriminals: more than 50% of computer attacks in Spain last year were against bank customers, according to the IX report on cybercrime in Spain, prepared by the Ministry of the Interior.

Of the total of 240,100 victims, 92,199 people experienced fraud through their bank cards, either credit or debit, and 28,863 people experienced bank fraud. The data comes from the various police forces operating across Spain and from autonomous forces, such as Mossos d’Esquadra, Ertzainta or Navarre Foral Police. Every time there is an attack on the financial sector, banks report what happened to the police and alert citizens via social networks.

Read also

Rachel Keelart

Spaniard Jose Manuel Campa, head of the European Banking Authority, admitted a few days ago that “cyber security is the biggest risk presented to the financial sector at the moment.” In the face of rising cybercrime, the three banking employers in Spain (AEB, CECA and Unacc) along with the Association of Financial Users (Asufin) will launch a TV campaign to warn people never to share their bank details or passwords, nor to reply to emails or suspicious SMS or phone calls, even if they pretend to come from your own financial institution.

Banks can be attacked from two sides: their customers and the institution’s technology infrastructure. “In the past three weeks, attacks on online banking have spread to disrupt their operations in countries such as Poland, Norway, Sweden and Finland. This phenomenon is spreading across Europe. And in some of these cyberattacks, hackers have assumed Russian origin,” warns Jesus Romero, Partner Responsible About Business Security Solutions at PricewaterhouseCoopers. These are attacks that appear to be linked to the war in Ukraine and the climate of confrontation between Europe and Russia.

a growing problem

“Cybersecurity is the biggest risk to banking,” says Jose Manuel Campa, president of the EBA.

Hence, “the Spanish bank has raised the level of alert, which means increased investment in cybersecurity,” sources in the sector explained. A large financial institution suffered from this type of attack for a few hours.

A report by consulting firm PwC shows that, worldwide, 61% of banks planned in 2022 to increase their cybersecurity budget by 5-15%. The same study shows that in the banking sector, 16% of their investment in security is devoted to uploading their information to the cloud securely and 15% to equipping themselves with technical mechanisms that detect threats in real time.

Read also

Arnau Casas Pujol

“Entities do not advertise their investments in protecting themselves from cybercrime because it is very strategic data,” says Marc Martinez, partner in charge of cybersecurity at KPMG in Spain.

The most common crime, explains Martinez, “in the past two years has been ransomware Which is represented in the banks kidnapping the data of their customers and then asking for a ransom to get it back.” The expert asserts that “this kind of ransom is paid in bitcoin so that the author is not recognized,” although he adds that the slogan is not to pay money to terrorists, but to recover data using their own servers and backup copies.

protection

Globally, 61% of banks increased their budget for cyber attacks this year

Less mature financial institutions will have to make a greater effort to comply with DORA, the regulation on operational digital resilience that will come into effect at the end of 2024 that is imposed by the European Central Bank.

Romero concludes, “With cyber attacks on businesses, terrorists make a lot of money quickly and take advantage of the fact that the legislation in every country is different, which sometimes makes it difficult to follow in their footsteps.”