Photo and story by Oliver Samson / Correspondent
F5 Networks Inc. executives urged Philippine banks to tighten cybersecurity measures following the recent theft by hackers of over $80 million from the Bangladesh’s central bank.
Local banks should safeguard themselves with the most effective technology as hackers are attracted to attacking financial institutions with weak cybersecurity, Global Security Senior Manager David Holmes told the media in Manila on Friday.
“In every country, the first to get attacked are banks,” Holmes said. “We have seen a recent spate of attacks on banks in Singapore.”
Banks in Singapore, however, are not less secured than their counterparts in developed and developing countries, Holmes noted. It’s a matter of regional activities, he added.
Local banks should give hackers a hard time in penetrating their defenses until they reach the point of giving up, said Oscar Visaya, F5 Networks Philippines country manager.
The available way to fight cybercriminals is to invest in the most advanced cybersecurity solutions and best practices with the purpose of draining the energy of hackers, Visaya said.
“Make it really expensive for hackers to attack into your system. Make it very difficult for hackers to get into your digital environment.”
In light of the money-laundering scandal, involving a Bangladeshi bank and the Rizal Commercial Banking Corp., Holmes has this to say: “I think the risk is much higher this week than it was a year ago.”
Visaya emphasized the need for banks to reinforce cybersecurity by citing the International Data Corp. (IDC). In nine years 85 percent of the population of the Philippines will be doing digital banking, he said, adding that “currently it’s 16 percent.”
However, Holmes said F5 has “not yet seen any coordinated campaign here in the Philippines.”
He said local banks should beware of electronic mails that pretend to be a legitimate communication from the CEO, he said. The e-mail may be actually from a hacker who purportedly instructs the CFO to transfer money. One happened just recently, he said.
“We have a recommendation for local banks to share more information with each other,” Holmes said. “It’s very effective in other countries when they get together on a regular basis and share intelligence and operate as a community instead of as competitors.”
If local banks can do this, it would be a huge step forward in fighting cybercriminals, he said.
Cybersecurity expert Angel Redoble said in a separate interview he sees threats to local banks and organizations growing.
“There was not an official assessment of the scale of current threat,” said Redoble, chairman of the national advisory council for the Philippine National Police Anti-Cybercrime Group. “But cybersecurity practitioners know the local banks and other companies are being attacked by hackers.”
Authorities have no data on breaches since banks and other organizations do not report attacks, Redoble said.
“Cooperation between organizations and the authorities can help them become secure,” he said. “There is not a policy, however, that compels organizations to report breaches.”
Banks choose to not report attempts by hackers to penetrate their defenses to protect their reputation, according to Redoble. Clients may lose confidence in a bank if breaches to their cybersecurity become public, he added.