Posted March 12, 2015 by Bex in Article

Should you be worried about the safety of your money?

Many of us have complete confidence that the banks we use will keep our money safe for us, but how safe is it really? In a recent report by the security firm Kaspersky Labs, it is claimed that a multinational gang of cyber criminals stole up to $1bn over a two-year period by infiltrating more than 100 banks across 30 countries.

The biggest threat to banks is what is known as the zero day attack, which allows hackers to take advantage of weaknesses within new software.  Ross Dyer the UK technical director for Trend Micro explains that “a zero day attack is an attack that’s been developed specifically to bypass traditional security measures. It’s a new piece of malware that no one’s ever seen before, so nobody says: ‘This is malicious, let’s block it”. Some banks have recognised the need for advanced security measures and have adopted a defensive technique known as ‘sandboxing’, which allows the malicious code of a zero day attack to be isolated, analysed and identified. Although the Bank of England has warned UK banks about the “ever-present, ever-evolving threat” from hackers and cybercriminals, they have yet to confirm whether they are actively building a defence system against a zero day attack.

So, what would actually happen if your bank was subjected to a zero day attack? Firstly, you would be unable to access your bank account online. ATM systems may go down and in the absolute worst scenario, the Bank of England’s executive director Andrew Gracie says  it is likely that there would be “a complete loss of systems, disrupting a firm’s capacity to operate. cyber-crimeThe threat is there not only to steal data but to disrupt or destroy the functions of a firm”. However, from a customers point of view, the worst outcome would be that all of your personal details could be revealed to hackers, creating much bigger implications. The Financial Conduct Authority (FCA) are quick to point out that “broadly speaking, customers will not be liable for any transactions on their accounts that they have not authorised if these are a result of a cyber-attack on the bank”. So, although you ay not lose out financially, you do run the risk of being subjected to identity fraud.

RETAIL_CyberCrimeAlthough there is not a great deal you can personally do to prevent a cyber attack on your bank, there are certain measures you can take to alert your bank if you suspect any unusual activity in your account. Many of the top banks are highly alert to changes in behaviour within an individuals bank account and will temporarily freeze the account until speaking and confirming transactions with the account holder, however some will still slip through the net. It is advisable to keep a regular eye on your account and note anything which looks remotely odd. Joram Borenstein, a spokesperson for Nice Actimize, an IT security firm for global financial institutions, explains “we don’t read about attacks on the banks on a daily basis, but I know for a fact in the UK that it’s a regular occurrence. The major banks have teams monitoring alerts, unusual behaviour and spikes in activity, 24/7”.

It has been reported by the BBA, that Banks in the UK spend at least £700m a year on cybersecurity and the Bank of England is currently analysing how resilient to cyber attacks, 36 of it’s key financial firms would be. It is a genuine threat and one that could hit the banks at any time. Help your bank to help you by being account aware and be reassured that they are doing everything in their power to provide the best cyber security to protect your money.