CYBERCRIME affecting banks and financial institutions in the country peaked during the first wave of enhanced community quarantine in March to May, leading to millions of pesos in losses during the period.
“The disruption caused by the lockdown offered cybercriminals a unique opportunity to exploit the vulnerabilities in systems, networks, and applications used in remote working arrangements,” the Central Bank said in a report on the status of the Philippine banking system.
The BSP said based on the Reports on Crimes and Losses filed by banks during the ECQ covering the period March 15 to May 18, 2020, 98.4 percent of all criminal incidents reported were classified as cyber or online in nature.
This resulted in losses amounting to P60.6 million or 54.5 percent of all total bank losses during the two-month period. Broken down, 80.5 percent of all cyber incidents reported were credit card and
Internet banking-related, accounting for 79 percent of total losses.
The BSP said the majority of these threats were in the form of phishing e-mails and malicious web sites, some even disguised as Covid-19 campaigns.
Data showed that threats on malicious web sites peaked at the onset of the ECQ period in March, mimicking global trends, while phishing e-mails peaked in April.
However, the BSP said this does not mean that digital transactions will be discouraged especially during the pandemic.
“With continued limitations on mobility and need for social distancing to prevent the spread of the Covid-19 virus, encouraging the use of digital payments remains necessary. Concomitant to this is the need to further strengthen [banks’] operational resilience in order to ensure their capability to continually service the needs of their financial consumers even in adverse situations,” the BSP said.
The BSP also vowed to strengthen its digital financial supervision by enhancing its regulatory framework, adopting supervisory technology and implementing capacity-building measures.
The BSP said it is transitioning towards the use of the Supervisory Assessment Framework which facilitates risk-focused and calibrated supervision according to a BSP supervised financial institution’s (BSFI) business model and relative importance to the financial system.
Also in the pipeline are issuances on digital banking, cloud computing, virtual asset service provider and the cybersecurity maturity model.