close
Thursday March 28, 2024

Banking in the digital world

By Editorial Board
November 07, 2018

The FIA has revealed that, in a major breach of cyber security, data from ‘almost all’ banks in Pakistan has been hacked . While the details remain scant, it seems that this was a coordinated attack that came to light last week when BankIslami reported the matter. According to a digital security website, data from around 8,000 bank accounts was stolen from 10 banks. The group reported one major sale of Pakistani bank card information in the underground market on the dark web in the last six months. With the reports being made public, bank customers will now be fearful over whether their accounts have been hacked or not. The Pakistani banking system has already been facing pressure after the country was ‘grey-listed’ by the FATF. The pressure has been amplified by the recent revelations of hundreds of benami bank accounts being used for laundering billions of rupees out of the country. Such a major breach will spike the pressure on the banking system even further.

Questions will be – and should be – raised over how secure the digitalisation of banking has made us. Such data breaches paint a rather negative picture, with customers concerned about whether they have been hacked and whether appropriate measures are being taken to improve the digital security of their hard-earned savings and business assets. Banks have also been tardy in offering clarifications and explanations. The FIA cybercrimes director has done well to identify the breaches, but it remains to be seen whether the FIA and SBP will be able to come up with a sufficient programme to improve digital security. The FIA has written to all banks, with the heads of all banks set to meet the FIA to discuss cyber security. As it stands, the FIA has also been short on details, which is a worrying sign. It is not known when the breach took place and how much money could have been withdrawn. One of the worrying stories shared is of a gang arrested last week, which would pose as army officials and withdraw money from banks after hacking their data. Around 100 such cases are under investigation.

All this has also resulted in more misery for bank users after 10 banks blocked all international transactions on their debit and credit cards. This might be justified as a precautionary measure but it reflects poorly on the confidence of the banks in their own cyber security systems. This is a serious issue that will reduce customer confidence in a country where most money in circulation remains parked outside the formal banking system. While the SBP has issued instructions to banks to improve security measures on their IT systems, serious questions remain over whether Pakistan’s banking system is equipped to handle the challenges of the digital world.