Technology

Cyberattacks Prove That No One Is Safe

The hackers studied their target for months — the central bank of Bangladesh.

First, they used their cyberskills to steal the institution’s top-secret international money transfer code.

NotPetya Virus
This image is ineligible for copyright protection in the country of origin, in accordance to Ex turpi causa non oritur actio legal doctrine. In U.S., the malware are covered by Title 18 of U.S. Code, Chapter 113B. https://en.wikipedia.org/wiki/File:2017_Petya_cyberattack_screenshot.jpg#/media/File:2017_Petya_cyberattack_screenshot.jpg

Now they could request large wires of bank funds — electronic transmissions of money across international lines — and never draw suspicion. After that, they sent out four transfer requests, using fake names of charitable organizations.

In the early weeks of 2016, they successfully stole more than $80 million!

Only a typo kept them from taking even more — on the fifth transfer request, one of the hackers misspelled the made-up “Shalika Foundation” as fandation, raising questions and bringing an end to the digital heist. The hackers were never found.

What if another group of cyber bad guys went after the banking system again?

A Shelter From Cyberattacks

Suppose hackers didn’t steal money but simply denied banks’ access to their stored digital cash or their customers’ account records?

It’s the stuff of bankers’ nightmares — and the reason behind an industry nonprofit project called the Sheltered Harbor initiative.

The idea is that banks regularly copy their account data, encrypt it and securely store it with other member banks. That way, if a cyberattack disrupts operations in one bank, it could always turn to others in the Sheltered Harbor initiative to retrieve its data.

Sheltered Harbor got started in late 2016 with about three dozen top U.S. banks, credit unions, brokerage houses and other financial institutions. The goal is to enroll the majority of the financial industry into the system in the next few years.

It also demonstrates the persistent threat of data breaches and the rising role that cybersecurity companies play in protecting banks and other corporations from hackers.

A great way to play the trend is with the First Trust Nasdaq CEA Cybersecurity ETF (Nasdaq: CIBR). Since I started writing about cybersecurity in August, the exchange-traded fund is up 10%. Since early 2016, the ETF has gained more than 60% in value.

aaa

The sector is due to take in an estimated $1 trillion in spending between now and 2021.

As Sheltered Harbor and innumerable hacking incidents in recent years show, even the largest, most important computer systems in the world can be breached by a determined group of hackers.