I recently read an article that was published on the BBC’s website, written by Dave Lee, the entity’s Technology Reporter, regarding the decrease in armed bank robberies in recent years. The article cited a British Bankers Association statistical report which indicated that, there has been a 90% drop in robberies on British Bank branches in the past decade. According to the British Bankers Association, there were 66 robberies in 2011. This is only a fraction of the 847 robberies that occurred in 1992.
In the USA, a similar decrease in bank robberies has been realized. According to figures from the Federal Bureau of Investigation (FBI), the number of bank robberies nationwide is 3,870 which, according to the Bureau are the lowest in decades.
But what is responsible for this decrease? The article reports that the decrease can be attributed to a “raft of innovative technologies” that banks are deploying to ensure the security of their staff and money. They (banks) are making significant efforts to deter robberies from occurring and in doing so, have opted to deploy modern technologies such as CCTVs, protective screens that can rise in less than a second and “special fog designed to disperse criminals.” Other technologies include simple barriers that are activated when a panic button is pressed, vestibules that lock criminals inside, and a DNA spray that is used to coat robbers with a distinct, difficult-to-remove, and traceable material which can be used by law enforcement officers to track and apprehend criminals.
So now that the traditional or “Brute Force” bank robbery has been minimized, or mitigated, what should we worry about at a time when technology, the internet, and telecommunications have made almost everything accessible? The answer: CYBER-CRIME, specifically CYBER-THEFT! The growing rate of cyber-crimes relating to banks and other financial transactions now presents another risk and challenge for those institutions.
Cyber-Crimes have been a controversial topic globally with the news media reporting several occurrences of them. We recently heard about how the credit card information of individuals in the USA had by some individuals from the Ukraine. The same article mentioned the 40 million credit card details held by Target Inc. in the USA, which was compromised and sold online by hackers from the Ukraine. According to the FBI, since 2001, complaints of Internet crime have risen fivefold, to 314,000 in 2011. On the other hand, the American Bankers Association estimates criminals netted $1.8 billion in check and debit-card fraud in 2010.
Now, Target and almost every financial institution in the USA apply state-of-the-art technology and security mechanisms to prevent criminal activities, and yet, they and their customers have been victimized by cyber-criminals. So, if these mega-corporations can have their systems penetrated and compromised, then one has to wonder, how secure are our (Liberia’s) banking and financial institutions from cyber-theft?
Note that this article is not to create a “scare” or deter people from saving their money in banks. In fact, I think it’s the safest place to save your money. But when we hear about cyber-crimes committed on large firms, then we need to start asking questions. Remember, nowadays, criminals are not using guns and masks; they are using laptops, telecommunications lines and malware to rob banks.
Today, the cyber world is where the real money is. Going the electronic route is obviously less violent and dangerous. More importantly, bank robbers seem to be keeping up with the changes of time by shifting to the electronic world, paralleling how banks have been replacing tellers with ATMs and digital transactions. While the number of traditional bank robberies has declined, crimes involving ATMs and other digital transactions have soared.
There is a new generation of criminals who are very skillful, creative and online. Many of the reports of cyber-crimes involve countries in the West. But that does not mean we in Africa, are immune to cyber-crime or cyber-theft. If perpetrators/cyber-thieves can penetrate American and British banking institutions, then we in Africa are also susceptible to such attacks. The bottom line here is that the ultimate goal of a cyber-thief’s penetration into financial institution’s systems is to obtain money, no matter what continent it is stored.
This prompts several questions about Liberia’s banking institutions: How secure are their ICT systems? How often do they do a pen-test (penetration test) or an ethical hack exercise to identify vulnerabilities and potential points of threats with their systems? What types of policies do they have in place? How strong are they? What kinds of passwords are they using? Are those passwords susceptible to brute force attacks? With today’s multi-faceted online environment ICT security should be strong, dynamic and conscientious.
Also, institutions should keep in check those who possess significant information about their internal computer network infrastructure, remote terminal connection possibilities, IP subnets, security software, security measures, intrusion detection policies, etc. They should also ensure that none of those who know the system has any administrative user account and password, or any built in backdoor access to the system.
To successfully maintain a secure ICT environment, institutions need to invest in training for their ICT staff, modern technologies, create stronger policies, and continue to educate their entire staff of the dangers of online activities.
If we do not take preventative cyber-security measures, it is just a matter of time for cyber-criminals to identify points of entry into our systems. This is why our National Security strategy needs to include a vigilante, well-trained and equipped cyber security team that can monitors (and counter respond) online activities. With the amalgam of modern technologies and Africa Coast to Europe (ACE) optical fiber cable (broadband connectivity) allowing access to online activities, we have to be ready, and refrain from the lackadaisical attitudes we demonstrate toward potential threats. A Proactive approach is always the best approach. We have to keep up with the changes of time. We cannot wait for bad things to happen before we act. And if bad things happen do we have the resources to even counter-act or investigate them? Or are we going to follow the traditional approach of bringing in “experts” from outside?
We must understand that we are not immune to online theft. After all, are we not storing money in our vaults? Is the money in those vaults not usable internationally? Let us all think about this seriously and act accordingly.
Until next week/year, CARPE DIEM and HAPPY NEW YEAR!!!