Japan's Online Banking Theft - A Wakeup Call For Global Banks

by Sohini Bagchi    Jun 02, 2014

cyber threat

With a surge in online banking thefts globally, banks may have to rethink their online security policies. The recent victim is Japan, where there were 50 cases of theft from online accounts with hackers stealing nearly $2 million in April alone, according to data released by the Japanese Bankers Association. This has prompted the banks to curtail online services and rethink compensation policies, a TOI report said.

The report mentions that Japan’s Financial Services Agency have warned regional bank executives that online theft could cause a chain of small business failures and bankruptcies. Corporate users of online banking in Japan tend to be small businesses and family-owned firms. experts believe in a typical theft, hackers trick owners into surrendering passwords or gain control of poorly protected computer systems to make transfers out of their accounts.

The growing complexity

Cybersecurity attacks are becoming increasingly complex and more dangerous. While Japanese financial firms such as Mitsubishi UFJ Financial Group and Mizuho Financial Group complained their corporate customers had been hit by online thefts, banks and other global corporations are also experiencing losses and are increasingly worrying about their safety and security.

Online banking and card frauds are top concerns in the UK as well, according to the latest Unisys Security Index, which found out the nature of frauds becoming more specialized. This is evident as things like spam and viruses and shopping and banking online recorded significant declines from before.

India too has been facing the growing menace of cyber fraud. “Data theft is one of the biggest risks posed before the companies in the banking sector. Emerging underground websites help the data thieves to immediately encash the stolen data. Same data can be sold to multiple interested buyers in these underground black markets,” says Mayur Joshi, founder member of Indiaforensic in a cybersecurity report last year.

Countering online threats

Joshi believes that to counter threats posed by cyber criminals, banks need to upgrade infrastructure to check any incident of data theft. However, he says that just like financial institutions, hackers too have direct links to technology programs capable of gaining access to card numbers, debit card numbers, prepaid value card numbers and bank account details in any country.

“One of the main factors of this rising level of cyber fraud is availability of low cost resources for cyber activities. Data can be sold to multiple interested buyers in these underground black markets,” he says adding that it is here banking institutions must exercise caution.

Sandeep Godbole, President of ISACA, Pune Chapter mentioned that cyber security is the key in online banking, and unless banks and financial organization invests heavily in research and deploy the latest technologies, such menace will keep growing

Gerhard Knecht, head of global security services and compliance at Unisys Enterprise Services also echoes similar sentiments. He believes more education is needed for consumers on things like password security. “With younger generations also sharing information and making payments, increasingly online, educational information must be made available across a range of organizations,” he added. “Banks and organizations alone shouldn’t be responsible, but schools and the government too to ensure all consumer audiences are reached.”

Read: Top Tips To Avoid Credit-Debit Card Theft

While technology upgrades and certifications are obvious ways to counter challenges, Japan’s banks are confused on how to respond to the scenario. While some see compensation might remove an incentive for businesses to tighten security, other believe tightening security too much could kill the convenience of online banking. They may adopt best practices from various other banking system worldwide. As Jim Lewis, a former US foreign service officer says in a statement “A few years ago, banking thefts were purely technical. Now they involve policy specialists too and are on a whole different level and likewise these threats need to be challenged.” He gave the example of US banks that suffered website and other failures in 2012 and blamed on cyberattacks from Iran. Then they experimented with basic tabletop war games and scenario planning to examine how they might work together to contain dangerous malware neither state was responsible for and it seems to have worked just fine.

Toward this end, cyber security experts believe a tight security policy, an agile system and constant technology upgrades, coupled with educating staff and customers will collectively help counter online banking frauds, and banks must gear up to save their businesses.