Banks urged to step up defense vs cyberattacks

MANILA, Philippines — The Bangko Sentral ng Pilipinas (BSP) has reiterated the need for banks to step up their cyberdefenses and capabilities as more than $600 billion globally are lost to cybercrime annually.

In a speech delivered on behalf of Governor Nestor Espenilla Jr. at the Bankers’ Assembly and Cocktails 2018, BSP Deputy Governor Chuchi Fonacier said it is imperative for banks to uphold and implement “ACT” to stay resilient as cyberthreats continue to evolve.

Fonacier said banks should Assess the landscape, Cooperate with key allies and stakeholders, and Train their people.

“We should never be complacent as cyberthreat actors become highly-skilled and relentless. We must fortify our defenses from the ground up, constantly patching vulnerabilities and weaknesses. We must closely monitor our environment to achieve a higher state of cyberresilience. Let us continue to work together for a collective, coordinated, and strategic response to stay ahead of our cyberenemies,” Fonacier said.

Fonacier said cyberattacks of alarming magnitude, degree and complexity have exposed billions of personal records and have subjected government and private institutions to major operational disruptions.

She said central banks have not been spared the onslaught of increasingly sophisticated, stealthier and persistent attack schemes.

The Bangladesh Bank was a victim of an $81 million cyber heist last year as hackers stole its fund from the Bank of New York. The amount found its way to the Philippines as Rizal Commercial Banking Corp. (RCBC) was used as a conduit through fictitious accounts before the stolen funds were laundered through casinos.

“A new breed of cyber-attackers is continuously evolving. They are organized and well-funded. They are covert and operate within the dark web. We are increasingly embroiled in an Infinity War,” Fonacier said.

Furthermore, she said the introduction of disruptive technologies such as social media, artificial intelligence, cloud-computing and distributed ledger technologies has expanded the attack surface.

The central bank has prioritized building-up of the financial sector’s cyber resilience through regulatory and supervisory programs and reforms to cope with the fast-evolving cyber-threat landscape.

“We are continuously enhancing the supervisory framework through the issuance of necessary guidelines, public advisories and memoranda. We do this too through the adoption of a robust and dynamic supervisory program. This is to ensure that the entire industry remains resilient amid the growing threats that may erode public trust and confidence,” she said.