GlobalSign Blog

06 Apr 2018

The Bank Negara Malaysia Incident is Another Wake-Up Call for Banks

The cybersecurity community had a busy week. From the social media giant Facebook’s gaffe involving Cambridge Analytica to the recent data breaches of companies like Under Armour and Wendy’s, hackers are currently hard at work. Their latest attempt at breaching comes from Malaysia, but this time, they actually failed.

Bank Negara Malaysia, the country’s central bank, recently announced that they suffered a cyberattack in an attempt to steal money through fraudulent wire transfers over the SWIFT bank messaging network. Fortunately, no funds were stolen from the incident, making the second largest hack of a central bank in Asia a fruitless endeavor.

“All unauthorized transactions were stopped through prompt action in strong collaboration with SWIFT, other central banks and financial institutions,” the bank assured its clients in a statement. While the bank walked out without casualties, security experts agree that the incident will most likely prompt financial institutions worldwide to reassess their cybersecurity.

The last time this happened was in 2016, when the Bangladesh Bank lost $81 million from a massive cyberattack. The hackers used the same tactic to steal funds and they were successful in taking over the bank’s SWIFT servers to force fund transfers. Up until today, authorities haven’t arrested anyone for the incident.

Improving Your Security Starts with Small Steps

According to a study, 82% of customers are more likely to close their accounts from a previously hacked bank, while 74% are more likely to choose a bank based on its reputation. That’s why a bank’s assets and reputation must be protected at all costs. There’s no denying—trust is a key factor in the banking industry. These are the key areas you should be focusing in assessing your security.

Access Rights and Controls. With the increase in data breaches, especially involving customers’ sensitive information such as social security numbers and trade details, financial institutions should be looking for appropriate controls around access and authorization of users. Investing on technologies like password management, timely update of access privileges, and adapting multi-factor authentication.

Website Encryption. Don’t forget about securing your website because it is basically your bank’s face online. SSL Certificates to make sure your internal and external communications are safe from outsiders and phishers that are out to steal sensitive information. SSL encrypts the communication between the web server and web browser, ensuring that the visitor’s data won’t be stolen by hackers lurking by.

Digital Signature Policy. Getting started now with Digital Signatures will minimize risk and improve your business competitively over others still using only ink and paper signatures. Not only is a well-implemented digital signature policy good for business, it also provides exacting authentication, secure encryption, a tamper-evident seal and a legally binding, court-admissible audit trail.

Online security is a must in today’s interconnected environment, that’s why it is important to keep up with the fast-evolving internet world. If you want to learn more about enforcing online security for your company, head down to our official website.

Share this Post