Why the Anonymous bank takedown was a wakeup call for behavioural biometrics

Notorious hacker network Anonymous recently launched a month-long campaign targeting the global banking industry.

According to an article in Fortune, members of the secretive group of activists and hackers went after the Bank of Greece in May of this year, taking down the site for a few minutes and launching the first punch in a series of high stakes showdowns between global bank security systems and the infamous hacker network.

Several other high profile attacks have since followed over the last month in what Anonymous calls Operation Icarus. The group has so far claimed successful attacks on 9 other central banks, including the Central Bank of Mexico and Cyprus.

Next on the hit list are the Bank of England, the World Bank, IMF, the US Federal Reserve and 160 other national banks. Anonymous vows to continue the project for 30 days, culminating in attacks on NASDAQ, NYSE, and PayPal.

> See also: How to understand and fight the four faces of payment fraud

The group appears to have joined forces with another hacker group, Ghost Squad Hackers. The objective appears to be to create chaos in the global banking industry and is 'a retaliation to the 1%' as 'elite banking cartels are putting the world in a perpetual state of chaos', says hacker ‘s1ege’ who claims to be affiliated with the hacker collective GSH participating in the takedown.

These attacks on banking websites might take the site down for a few minutes or longer, depending on the level of penetration and severity and, while the attack may not be long by our standards, it can cost the banks millions – making the threat very real. Adding this to the perception that bank security is vulnerable it can’t help but hurt bank brands globally whose reputations rely on consumer trust.

This is just one more reminder that banks need to make it imperative to put a robust security strategy in place, and one that looks beyond the device or static data. No further reminders should be needed at this point.

The cold, hard truth is that hackers have openly declared war, have scheduled their attacks and operationalised large-scale collaborative hacking projects. There is no doubt they can and will attack again.

In 2015, for example, NuData Security identified that a staggering 45% of new accounts created across our financial services and e-commerce clients (including some of the largest banks and merchants globally) are fraudulent attempts. Fortunately, those attempts can and are thwarted thanks to pre-transactional early detection using our passive biometric technology.

With industry estimates that account takeover and account creation fraud will increase by 60% in the next three years, it is more important than ever for financial institutions to have solutions that identify and prevent these attempts, ensuring that a company’s losses don’t escalate while also providing a white glove experience to legitimate consumers. Organisations that transact online know that they need to adapt to keep up with attackers who are constantly shifting tactics and attack vectors.

> See also: The seven types of e-commerce fraud explained

The proven way to outsmart fraudsters and hackers is through accessing the combined data obtained from observable behavioural signals from the time of login or account creation and throughout the user’s online lifecycle.

Some solutions can also access the combined intelligence of their behavioural network (consortium) to further aid in determining who is, and who is not, behaving like a genuine user. In this way the software functions like a 'good user detector' and the baddies are just filtered out of the equation organically as part of the process.

The bottom line is that the onus is on financial institutions to continue to improve their techniques in order to stop the latest fraud methods, and in this case hacktivists, from plaguing their business.

In recent years banks have suffered huge blows to their reputations and can redeem much of that by taking steps that not only put on a security show for customers, but actually improve security and customer happiness.

Harnessing the power of behavioural and biometric analytic technology empowers banks to focus on how to treat good customers well at the same time as keeping them safer.

Sourced from Lisa Baergen, director, NuData Security

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics