PLDT ICT unit: Banks must step up measures vs cyber crimes
MANILA, Philippines – The information and communications technology (ICT) arm of the Philippine Long Distance Telephone Company (PLDT) – soon to be called PLDT, Incorporated – urged local banks to improve security measures, as the country's vulnerability to cyber crimes statistically doubled in the past years.
Rene Huergas, president of IP Converge Data Services Incorporated (IPC), said all banks should check on their current data security setup, as even the most secure institutions are not safe from the alarming increase in crimes perpetrated online, particularly Distributed Denial-of-Service (DDOS) attacks.
A DDOS attack happens when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.
"This is a reality that has caused the loss of significant revenue for many businesses. The global recorded cost of cyber attacks is at $400 billion to $500 billion dollars per year – roughly 50% of which is from DDOS attacks," Huergas said.
Citing data from its DDOS mitigation partner Nexusguard, IPC said companies are most likely to lose more unless executives take the issue seriously.
'Inadequate security system'
Huergas said some financial institutions have inadequate system and network security layers to protect them from cyber attacks.
"This poses an even greater danger to both the customer as well as the institution. As data and network security is a commodity in this day and age, now is the best time to recognize that the threats are real and can make businesses vulnerable and susceptible to attacks; banks and financial institutions being the most inclined to this kind of attack," he added.
Just recently, several Iranian hackers were indicted following a well-orchestrated cyber attack on US banks. (READ: Iran denies supporting US bank hacking)
The criminals hit the banks with DDOS attacks on an almost weekly basis, flooding their servers with illegitimate traffic that slowed websites down and caused millions in lost business.
IPC director for product management and marketing Niño Valmonte noted that perpetrators have been launching DDOS attacks to mask the other ways by which they compromise systems.
"Financial institutions, especially those with online transactions (e-payments, online banking), must remain vigilant against these threats or they'll easily lose their clients' trust and consequently, their business," Valmonte said.
Priciest cyber crime
While DDOS attacks are considered the world's most costly cyber crime, cyber attacks that involve malware, phishing, password attacks, man-in-the-middle, drive-by downloads, malvertising, and rogue software are also widespread.
In fact, it was found that the Philippines' vulnerability to cyber crimes has statistically doubled. (READ: PH twice likely to face cyberattacks than worldwide average)
A large percentage of computers in the country have been invaded by malware, the same intrusive software initially found to have allowed the illegal electronic transfer of funds in the Bangladesh Bank case.
This condition poses a real and imminent threat, as records from the Bangko Sentral ng Pilipinas (BSP) showed that around 22 million people use electronic banking services and channels, and that the volume and value of e-money transactions keep growing.
The figure continues to increase each year as more and more people join the workforce and make use of a bank's facilities. This translates to the overwhelming amount of data at risk. (READ: How Bangladesh Bank dirty money easily got into PH)
"Cyber attacks have been growing in size and becoming more and more complex. While they can't be scrapped entirely, employing security features and updating them every once in a while will help ensure that disruptions to business processes are at a minimum," Valmonte said.
The BSP, Anti-Money Laundering Council, and the Senate blue ribbon committee are conducting separate investigations on the $81 million bank heist, where money stolen from the Bangladesh Bank's account in New York found its way to the country via the Rizal Commercial Banking Corporation (RCBC). – Rappler.com