- Cybercrime Pandemic
- May 21, 2013 | Authors: Katharine F. Musso; Katharine F. Musso
- Law Firm: Jones Walker LLP - Birmingham Office
Each month sees an announcement of significant cybercrime against financial institutions. Last week it was announced by Federal prosecutors that two Middle East banks suffered $45 million in losses. The fraudsters were located in cells in the U.S. and abroad. The crime was particularly audacious in that it involved hacking into the computers of a third party payment processor and setting higher withdrawal limits on fraudulent ATM cards. It emphasizes the creativity and resources of fraudsters and the vulnerability of every financial institution.
Knowing its weaknesses is essential for every institution. Start with the assumption that everything that can be learned from the Internet assists a fraudster in targeting an institution. John Doe is the senior vice president for a Large Business Lender, Acme Gigantic Construction? A criminal ring will send John Doe a virus-infected e-mail so that it can watch e-mail traffic between John Doe and Acme until it is the perfect time to send a fraudulent wire request. Stand-alone ATM’s available 24 hours a day? Perfect for the insertion of skimming devices to steal debit card data from users. Jane Jones, head of correspondent banking, featured in a captioned photograph with six top correspondent clients at an annual meeting? Soon after, a new line of credit limit is fraudulently requested personally by correspondent client president.
Once potential weaknesses are identified it is important to take additional precautions. Enhance dual controls in operational areas. Enhance IT-based tools and make sure that non-IT staff can use tools properly to identify red flags and red flag trends immediately. Revise contracts with third parties to enhance third party responsibilities and shift liabilities. Lastly, research and invest in cyber coverage insurance on the assumption that it will be needed sooner rather than later and, unfortunately, probably more than once.