Finance sector must step up in war on cyber criminals
Ahead of today's Dublin Info Sec conference in the RDS, Simon Rowe reveals why both consumers and businesses can no longer turn a blind eye to the threat of cybercrime
A cyber raid on Tesco Bank that resulted in £2.5m being stolen from 20,000 customer accounts is the latest in a long line of high-profile heists where sophisticated cyber defences have been outsmarted by even more sophisticated hackers.
But cyber security experts and financial regulators believe businesses and consumers need to up their game to defeat cyber criminals.
"If a 'bricks and mortar' bank was robbed of £2.5m, sales of bank safes and blast-resistant vaults would soar," said one expert. "So, the financial sector should be reacting in the same way after the Tesco Bank theft by making big improvements to cyber defences."
A rapid digitisation of consumers' everyday lives - from internet banking, to mobile payments, through to the growing interconnectedness of our online and offline worlds - has provided modern-day John Dillingers with unprecedented opportunities to steal our identities and our cash.
When Dillinger, one of America's most notorious villains in the Depression-era, was asked why he robbed banks, he replied: "Because that's where the money is."
Similarly, today's cyber criminals are targeting businesses and online consumers because that's where the money is. And rather than machine guns and getaway cars, today's bank robbers are armed with malware, botnets and phishing equipment.
Cybercrime is the world's fastest-growing industry, with the annual cost to the global economy estimated at $400bn (£321bn) - more than the GDP of some countries.
LinkedIn, Yahoo, Sony and eBay have all been hit by data breaches that have affected hundreds of millions of customers.
US retail giant Target was hit in 2013 when 40 million customers had their credit and debit cards compromised after malware was introduced to the point-of-sale system in almost 1,800 stores.
In March this year, US retail giant Home Depot paid $20m to compensate US consumers hit by a 2014 data breach affecting more than 50 million cardholders
One of America's largest health insurers, Anthem, had 80 million customer accounts breached last year in by far the largest data breach in healthcare history.
Ireland is seen as a "prized target" by hackers due to its close links to online giants such as Google, Yahoo, Facebook, PayPal, Microsoft and LinkedIn, a top cyber security expert has warned.
"Organisations in Ireland are being increasingly targeted because they are in the supply chain of large US multinationals," said Mike Harris, head of the cyber security unit at Grant Thornton.
"Rather than targeting large organisations directly, cyber criminals and hackers are increasingly targeting a third-party firm or a supplier of the bigger firm. This is something we are seeing with a lot of the large hacks," said Harris.
To put the threat to Irish businesses in context, Terry Greer-King, director of security for IT giant Cisco, says his firm "detects and blocks 19.7 billion attacks daily. That is roughly six times more than the search requests that Google manages on a daily basis".
Greer-King, who is speaking at the Dublin Info Sec 2016 conference - the cyber security event in the RDS today featuring top international experts including cyber psychologist Dr Mary Aiken - said: "Cyber-security cannot be tackled in isolation by IT departments, it needs to be addressed at a board level, and throughout the organisation. What is most troubling is that on average, 60% of the data stolen is gone within the first few hours of an attack and more than 50% of attacks manage to persist on systems undetected for months, if not years."
- For ticket information on the Dublin Info Sec 2016 cyber security conference call 01 7055787 or see www.independent.ie/infosec201