By now, it feels pretty normal to use your phone or computer as your bank. In just a few clicks, you can check your balance, transfer money, even apply for a credit card or mortgage. In fact, 14.2 million Americans now consider a digital bank to be their primary bank.
But as the digital banking sector grows, there’s a higher risk of cyber attacks targeting everyday users. Cyber attacks are becoming increasingly sophisticated, and cyber criminals are actively targeting the banking sphere because of the high returns.
The best way to protect you and your money online is to understand what the current cybersecurity threats are, but also recognize the wider holes in the banking system as we know it. These are the biggest dangers to take note of in 2021:
Malware is malicious software that has been purposefully created to damage a device, server or network. It comes in many different forms, including viruses, worms, and trojans.
In the banking sector, cyber criminals use malware to infect users’ end devices and gain access to their financial and personal data. For example, in 2020 the Ursnif banking trojan was distributed via Word or Excel attachments in emails, and once downloaded, would steal people’s financial credentials and other sensitive information.
As digital banking has grown over the years, so has the ability to obtain malware – in 2019, 75% of all data breaches in banking were the result of malware attacks. One of the biggest causes for concern is the recent emergence of the malware-as-a-service model (MaaS), where malicious actors rent malware to people on a subscription basis, enabling them to target a broader scope of users.
Speaking about evolving malware threats, one cybersecurity expert notes that “it is clear cyber criminals are focusing on using malware that enables them to monetize their victim’s data and credentials.”
Data tampering (also known as “data sabotage” and “data manipulation”) is when a cyber criminal successfully gains access to a network and makes undetected changes to the data for personal gain. For instance, a criminal could intercept a wire transfer and change the receiving account details to their own, or charge micro payments to a user’s credit card. Data manipulation is especially problematic because it often seems like legitimate activity and is hard to prove otherwise. And, the longer the manipulation continues, the more disruptive it can be for the affected parties.
Especially in the digital banking space, data manipulation takes a long time to recover from. Banks have to determine the extent of the attack, restore data compliance, and rebuild trust with users.
For Michael Rogers, Director of the National Security Agency, data manipulation is second on his list of top three security threats. “We’re used to data being stolen or even deleted,” he says, “but if data has been subtly altered the results could be severe […] we are used to just seeing and accepting it.”
A lack of superior infrastructure
While malware and data tampering can be seen as modern threats, they also reveal an underlying, long-term inefficiency in banking. Despite the clear digital transformation of finance, many banks still haven’t made cybersecurity a priority – a decision that can have harsher repercussions for customers than for the organizations themselves. Cyber crime is estimated to cost banks globally $1 trillion per year, but for everyday account holders, cybercrime could mean losing entire life savings, earning bad credit, and developing a strong mistrust toward banking as a whole.
Speaking about ransomware (a type of malware), computer forensics and information security expert Hal Pomeranz claims that it is “threat actors figuring out a way to monetize the technical debt we’ve been baking into our systems for decades.” Putting it simply – banks’ infrastructure is falling short when it comes to protecting customers.
Yet there are robust solutions available. Distributed Ledger Technology (DLT) provides a more secure service compared to traditional banking, of which Hedera Hashgraph is the gold standard. Hashgraph is an advanced information-sharing technology that allows for extremely secure transactions and data storage.
Hashgraph is Asynchronous Byzantine Fault Tolerant (aBFT): all transactions are validated by consensus, and so if any malicious players are present, they are compartmentalized and the network continues to function healthily. This means that data cannot be manipulated, nor can transactions be interrupted.
Hashgraph is faster, fairer, and better protected compared to the tech banks are currently using, and at Coro, we’ve developed our own private permissioned DLT network, powered by Hashgraph. With our advanced technological backbone, we can facilitate upwards of 500,000 transactions per second, making gold accessible to more people while simultaneously offering customers heightened security.
You and your money shouldn’t be left exposed while you wait for banks to update their technology – a process that is often long and complicated. Cybersecurity will only grow as an issue for banks, and so diversifying how and where you store your money is a wise move.