Nigerian banks and rising cyber threats
Cyber-attacks targeted at the global banking system and high-profile institutions are not imaginary, but real. The overall objective is to steal financial assets- cash or near-cash assets.
Unfortunately, latest reports showed that the most dreaded group in the criminal trade, known as “Silenceâ€, has positioned for the sub-Saharan Africa (SSA).
So far, even great institutions,
in recent times, have succumbed to the trickery of the law-defying elements. Of
course, SSA, led by Nigeria, is the home of the big financial institutions in
the continent. But they are not immune to the cyber threats.
A cyber-attack means the attempt to disable,
destroy, expose, steal, alter or obtain unauthorized access to a computer
system, infrastructure, network, including all other smart devices.
Kaspersky security researchers said there are
thousands of notifications of attacks on major banks located in the sub-Saharan
Africa (SSA) region. The malware used in the attacks indicates that the threat
actors are most likely to be an infamous Silence hacking group, previously
known to be responsible for the theft of millions of dollars from banks across
the world.
Tagged Silence group, it is one of the most active
Advanced Persistent Threat (APT) actors, which has carried out a number of
successful campaigns targeting banks and financial organizations around the
Globe.
Already, the cybercriminals are now actively
abusing the names of artists and songs nominated for a Grammy 2020 award, in
order to spread malware. It’s all part of strategic widening of their dragnet
in the search for a connection or link with banks’ systems and their vaults.
Kaspersky said its protection
technologies detected a 39 per cent rise in attacks (attempts to download or
run malicious files), under the guise of nominees’ work in 2019, compared to
2018.
Artists like Ariana Grande,
Taylor Swift and Post Malone were the attackers’ favorites, with these
nominees’ names used most often in 2019 as a disguise for malware.
“The typical scenario of the attack begins
with a social engineering scheme, as attackers send a phishing e-mail that
contains malware to a bank employee.
“From there the malware gets inside the banks’
security perimeter and lays low for a while, gathering information on the
victim organization by capturing screenshots and making video recordings of the
day-to-day activity on the infected device, learning how things work in the
targeted banks.
“Once attackers are ready to take action, they
activate all capabilities of the malware and cash out using, for example, ATMs.
The score sometimes reaches millions of dollars,†the company noted.
At the 2019 yearly Bankers Committee retreat,
in Ogun State, the body, led by the Governor of the Central Bank of Nigeria
(CBN), Godwin Emefiele, admitted that cyber threat is more real than it used to
be, but pledged to up their investments in cyber defense this year.
According to him, bankers are now fully aware
of the risks associated with their business as it relates to credit and
operations.
“Cyber risk, which today, is
growing in different parts of the world, calls for the banks, the CBN, and the
government, to do something about it. The banks have been advised to do more in
their management and control of cyber risks.
“The banks were also advised to invest more
money in tools, whether soft or hardware, that will help them in containing
cyber risks in their operational environment.
“Of course, on the part of the CBN, we have all along been issuing
different guidelines and frameworks on how the banks can combat cyber-attack
and how the industry and the country can combat the incidence of cyberattacks,
which in any case, will continue.
“But we just need to prepare so that when they
strike, we would be able to withstand the shock and able to discover it early
enough for the banks not to lose money or for depositors funds not to be lost,â€
he said.
He pointed out that the apex bank is looking
at investing in a security operations center, which will act as gateway, not
only for banks.
“Unfortunately, we are all naked today as a
result of Internet and cyber and we all have to do everything to protect
ourselves,†he added.
The banking industry in Nigeria, in its quests
for increased customer-base through service excellence, evolving payment system
landscape and deepening of financial inclusion, have created multitude of
products to drive the goals. Some of these products and their operations have
also been hacked into by fraudsters.
The current attack, detected by
Kaspersky researchers, began in the first week of January 2020 and indicated
that the threat actors are about to begin the final stage of their operation
and cash out the funds. The attacks, they said, are ongoing and persist in
targeting large banks in several SSA countries.
“Silence group has been quite productive in
the past years, as they live up to their name; their operations require an
extensive period of silent monitoring, with rapid and coordinated thefts.
“We noticed a growing interest of this actor
group in banking organizations in 2017 and since that time the group would
constantly develop, expanding to new regions and updating their social
engineering scheme.
“We urge all banks to stay vigilant, as apart
from the large sums Silence group also steal sensitive information while
monitoring the Banks activity as they video record screen activity. This is a
serious privacy abuse that might cost more than money can buy,†Sergey
Golovanov, a security researcher at Kaspersky, said.
The situation in Nigeria, starting from public
outcry over the spate of inexplicable charges associated with banking, has
remained on the upswing, while there was a total of 1,612 complaints from
consumers of financial services received between July and December 2018.
The figure, which showed an
increase of 173 complaints or 12.02 per cent over the 1,439 received in the
first half of 2018, was contained in the Financial Stability Report of the
Central Bank of Nigeria (CBN).
Of the total complaints, 1,602 or
99.38 per cent were against commercial banks, while 10 complaints or 0.62 per
cent were against Other Financial Institutions (OFIs).
Specifically, the complaints were basically
about excess/unauthorized charges, frauds, guarantees, dispense errors and
funds transfers.
Total claims made by customers during the
period amounted to N7.995 billion and $1.767 million, while N3.093 billion and
$1.724 million were refunded to them.
Also, 1,496 of these complaints were successfully
resolved or closed in the period under review, compared with 4,723 in the first
half of 2018, indicating a decrease of 3,227 or 215.71 per cent.
But here comes the “elephant†in the house and
that is reported cases of fraud and forgeries by banks, which increased to
25,029 at end of December 2018, from 20, 774 at end of June 2018.
During the period, various cyber-attacks were
carried out on high profile entities, including the Central Bank of Bahamas,
Marriot Hotels, Google plus, Arik Air, British Airways and UK NHIS, among
others, leading to the loss of customers’ private information, revealing the
vulnerability of all classes of organizations.
In Nigeria, the total amount involved
decreased to N18.94 billion at end of December 2018, from N19.77 billion at end
of June 2018.
Similarly, actual losses declined to N2.21
billion in the period under review from N12.1 billion in the first half of
2018.
Also, the total number of
reported fraud cases in OFIs stood at 754 at end of December 2018, while the
actual loss of N120.98 million was recorded during the same period.
The Automated Teller Machines (ATM) and mobile
money channels recorded the highest incidences of fraud. In order to tackle
this trend, bank customers were continually sensitized on safe banking
practices while banks were encouraged to implement strong authentication
controls and carry out comprehensive infrastructure risk assessments.
The United States Federal Bureau of
Investigation had issued a warning to banks on a new type of fraud known as the
ATM Fraud or ATM Cloned Card fraud, which involves hackers accessing bank
systems or payment card processors and altering data to withdraw large sums of
cash within a short period.
In response to this warning, CBN carried out
vulnerability assessments on all banks and payment system providers and
directed the remediation of identified vulnerabilities on all ATM servers.
To mitigate the incidence of
attacks in the financial system, the apex bank released cyber- security
framework and guidelines for banks and payment service providers.
The framework stipulates, among
other requirements, the establishment of Cyber-Threat Intelligence (CTI)
programmes to proactively identify, assess and mitigate potential
cyber-threats.
It also stipulates the
appointment of a “Chief Information Security Officer†(CISO) to oversee and
implement a bank’s cyber-security programme.
In line with good practice, CBN
appointed a CISO to oversee its cyber-security programme, while urging banks to
follow immediately.
As a response in the face of the
growing threat to the banking industry, the cyber security experts have
outlined series of cautions, which must be adhered to strictly with urgency.
Banks and perhaps, other high net
worth organizations, must introduce basic security awareness training for all
employees so that they can better distinguish phishing attempts and monitor
activity in enterprise information systems information security operations
center.
They should use security
solutions with dedicated functionality aimed at detecting and blocking phishing
attempts. Businesses can protect their on-premise email systems with targeted
applications inside the Kaspersky Endpoint Detection and Response or use the
Kaspersky Anti Targeted Attack platform.
There is also need to avail
security teams’ access to up-to-date threat intelligence data, to keep pace
with the latest tactics and tools used by cybercriminals, while also be
prepared for an incident response plan for potential incidents in the network
environment.
| Share on: |
|
To download, please enter your name and email and click on document you wish to download.
1 Aguiyi Ironsi Street, Maitama Abuja.
info@comnavig.com
