Cybersecurity for central banks is mission-critical

The risk of cyberattacks rises in step with the increasing digitalization of central banks’ systems and processes. A failure to protect against these attacks could have catastrophic consequences.

Cyberattacks on financial institutions and other actors in banking and finance have become a feature of modern life. They are happening day in and day out all around the world. And as the Carnegie Endowment for International Peace notes, this trend is worsening. [1]

Central banks are not immune to this. On the contrary, they are powerful magnets for hackers looking to find exploitable vulnerabilities in the banks’ digital systems. These hackers could be criminals, state actors, or “hacktivists.” The type of organization posing a threat might vary, as might their goals and motives. Therefore, central banks need comprehensive and effective defenses against all kinds of cyberattacks, whose objectives might include financial gain, information theft, or systemic disruption.

The nature of the threats

There are many different ways that an attacker could get inside a bank’s systems. Phishing might sound like an elementary approach that poses a low level of threat. But criminal elements are more sophisticated nowadays. They can use malware – malicious software that works as an eavesdropping mole in a network – to capture email traffic, then use this data to train machine-learning-based natural language algorithms. The result is the ability to automatically generate plausible emails, which might as well have come from a human – and are therefore much more likely to trick an employee into unwittingly assisting with malicious activities. [2]

The laptops and mobile devices of senior staff are another vulnerable target. If they are left unattended, for example on a work trip, and are not equipped with high-quality protective measures, they can quickly become a gateway for malware. Whilst this level of attack requires a high degree of sophistication and preparation, it is well within the reach of state actors and professional criminal actors. And this is especially true when the potential payout is as high as it is with central banks as the target.

Once a hostile element has access to the systems of a central bank, a number of things become possible. Ransomware can be unleashed to cripple systems. Alternatively, sensitive data on critical decision-making processes or confidential data can be stolen. Or the attackers could steal money directly by diverting payment processes.

Even the business models of criminal elements are becoming more sophisticated. There are groups that create and rent out platforms from which other hackers can carry out attacks. Some of these come complete with their own support services. This gives some sense of the scale of the problem: people are making money simply by renting out their platforms to other attackers. This is a long way from the days of simpler frauds. This is why solutions need to match the sophistication of the attacks and address key areas of vulnerability.

Suitable cybersecurity solutions

Central banks need comprehensive cybersecurity strategies. This means having measures in place to identify risks, to protect against them, and to detect when an attack is underway or a breach has already occurred. Protocols also need to be in place to ensure that any breaches are shut down as quickly as possible and that systems are quickly back up and running after they have been taken out of service.

Security strategies need to cover issues at a number of different levels, too broad to detail here. However, as an example, it is essential to have effective asset inventory management. This applies not only to IT systems and operational technology components such as machinery for cash processing, but also to the myriad connected “things” such as cameras and sensors. If one does not know what equipment is there and what it is designed to be used for, then it goes without saying that one cannot secure it properly. Cybersecurity also requires the introduction of state-of-the-art technology standards and, if that is not possible, at the very least measures such as security retrofitting solutions, monitoring systems, information sharing protocols, and regular training and exercises.

“In some incidents, the attackers have nearly as good an understanding of the IT architecture as the organization that owns it”
Jan Ludwig Tiedemann
Senior Solution Architect at secunet Security Networks AG and experienced incident response manager

Creating a culture of security is important because of the constantly evolving nature of cyberattacks. Staff need to be aware of risks, know how to protect themselves, and be comfortable raising concerns if there is any suspicion that security has been compromised or that fraud has taken place.

However, it is important for central banks to know what they can effectively manage on their own and where it is best to partner with specialist providers. If push comes to shove, technical and organizational solutions must have a robustness that can withstand assaults of state-level precision and sophistication. Building and maintaining the expertise required to do that in-house may be too time- and resource-consuming. Relying on the expertise of specialists will be the better option for most organizations. Good partners cover relevant security topics and can also make sure that solutions are aligned with the requirements of regulators.

Protecting digitalized banking

Financial institutions exist in a hostile world, and central banks – with their critical role in the system, their vast resources, and their public reputation at stake – make especially tempting targets. As more and more of their systems become digital, their exposure to cyberattacks increases. 

There are many practical steps that they can take to protect themselves from the inventive minds of criminals and spies, but these take careful thought, planning, and the right partners.

And it’s not only about protection: with experienced consulting and state-of-the-art products and services, we have the ambition to turn IT security into an enabler for digitalization.

  1. Carnegie Endowment for International Peace, Timeline of Cyber Incidents Involving Financial Institutions, 2021

  2. For an example of a sophisticated approach to phishing, see the US Cybersecurity and Infrastructure Security Agency briefing on TrickBot, March 2021

Published: 24/11/2021
