Back in the Old West, robbing a bank meant wielding a pistol in a room full of terrified people, grabbing bags of cash and riding off into the sunset. In the modern world, bank robbers don’t need to use guns; their weapon of choice is something with a much greater range—the Internet.
Online Banking Security
As technology advances, cyber thieves are increasingly a threat to banks and other financial businesses. Part of the problem is a failure to evolve with technology. Online financial systems are outdated and procedures are incomplete when faced with the full scope of a hacker’s arsenal. TJ Martineau, head of the IT department at ATS Secured, says banks tend to “lock down workstations, look at software lists, try to regulate who comes into the building, and hope that it’s enough.”
Controlling who enters the building is of little use because most money is no longer kept in safes; it’s online. There are several ways a cyber thief can rob a bank blind, but often it’s done by gaining access to a customer’s account.
If a customer uses the same password for their bank login as they do for multiple other sites, it becomes much easier for a hacker to gain access. Guessing a password in the first place can be easy, as most people use passwords they can remember with little effort. Hackers can even buy software that can crack these easy passwords quickly, before the account holder realizes something is amiss. Saving a password in your email isn’t safe either; hackers can skim through the files and pluck the password within minutes. Saving a password to your Internet browser is equally dangerous because hackers can track that activity.
Tactics to Increase Cyber Banking Security
New and emerging technologies could provide other means of solving this issue. Check out this previous post on recognition software that talks about how passwords could become obsolete in the very near future.
Protecting bank clients’ identities and assets needs to involve raising awareness of the techniques cyber thieves employ. Requiring more secure passwords (with numbers, symbols, etc.) plus another point of authentication (such as a security code that is texted to the client’s cell phone to give them access to the account) can keep clients aware of the risk while also protecting them.
Another way banks can protect the money they oversee is by making certain that any employee who works remotely has the ability to wipe their devices on the go. Without the ability to wipe their devices, carrying laptops and smart phones around with company data on them presents a huge risk. Many banks have implemented this procedure; however, in many cases it is not applied in time by the user of a device.
An employee has to inform the bank within a certain number of hours if their laptop comes up missing, but a smart hacker is not going to put the computer online until after they acquire its stored data. Hard disk encryption and secure passwords can help in this situation, but time is on the cyber thieves’ side. A hacker can put the stolen laptop into a workstation, and let software run that will break into the laptop.
Bank robbers don’t have to rob a bank; they can just rob multiple people by stealing money right from their bank accounts. It’s definitely easier than walking into a branch with a ski mask on.
Banks have always dealt with the risk of robbery, but today they’re up against robbers that don’t wear ski masks, and yet can easily remain anonymous. They don’t use guns, and yet their fingers can trigger a spray of bankruptcies. They don’t walk into the building, but they can walk away hundreds of thousands of dollars richer.
This is the cyber thief—the 21st-century bank robber. Banks need to stay ahead of them with more secure systems and protocols.