Security & Support | |
Security & Support | |
1378 VIEWS | |
![]() |
Monday, January 13, 2020 /04:58
PM / By David Lipton, IMFBlog / Header Image Credit: Law.com
Last March, Operation Taiex
led to the arrest of the gang leader behind the Carbanak and Cobalt malware
attacks on over 100 financial institutions worldwide. This law enforcement
operation included the Spanish national police, Europol, FBI, the Romanian, Moldovan,
Belarusian, and Taiwanese authorities, as well as private cybersecurity
companies. Investigators found out that hackers were operating in at least 15
countries.
We all know that money
moves quickly around the world. As Operation Taiex shows, cybercrime is doing
the same, becoming increasingly able to collaborate rapidly across borders.
To create a cyber-secure
world, we must be as fast and globally integrated as the criminals. Facing a
global threat with local resources will not be enough. Countries need to do
more internally and internationally to coordinate their efforts.
How To Best Work Together
To begin, the private
sector offers many good examples of cooperation. The industry deserves credit
for taking the lead in many areas-developing technical and risk management
standards, convening information-sharing forums, and spending considerable resources.
International bodies, including the Group of 7 Cyber Experts group and the
Basel Committee, are creating awareness and identifying sound practices for
financial sector supervisors. This is important work.
But there is more to be
done, especially if we take a global perspective. There are four areas where
the international community can come together and boost the work being done at
the national level:
First, we need to develop
a greater understanding of the risks: the source and nature of
threats and how they might impact financial stability. We need more data on
threats and on the impact of successful attacks to better understand the risks.
Second, we need to improve
collaboration on threat intelligence, incident reporting and best
practices in resilience and response. Information sharing between the private
and public sector needs to be improved-for example, by reducing barriers to
banks reporting issues to financial supervisors and law enforcement.
Different public agencies
within a country need to communicate seamlessly. And most challenging,
information sharing between countries must improve.
Third, and related, regulatory
approaches need to achieve greater consistency. Today, countries have
different standards, regulations, and terminology. Reducing this inconsistency
will facilitate more communication.
Finally, knowing that attacks
will come, countries need to be ready for them. Crisis preparation
and response protocols should be developed at both the national and
cross-border level, so as to be able to respond and recover operations as soon
as possible. Crisis exercises have become crucial in building resilience and
the ability to respond, by revealing gaps and weaknesses in processes and
decision making.
Connecting The Global Dots
Because a cyberattack can
come from anywhere in the world, or many places at once, crisis response
protocols must be articulated within regions and globally.
That means the relevant
authorities need to know "whom to call" during a crisis, in nearby and,
ideally, also in faraway countries. For small or developing countries, this is
a challenge that needs international attention. Many rely on financial services
or correspondent lines provided by global banks for financial connection.
Developing cross-border response protocols will help countries understand their
respective roles in a crisis and ensure a coordinated response in the event of
a crisis.
The Group of 7 countries
has made an excellent start at building collaboration on cybersecurity, but
this effort needs to be broadened to each and every country.
Here the IMF can play an
important role. With a much broader representation than most of the
standard-setting institutions, the IMF has the ability to raise the concerns of
emerging-market and developing countries to a global level. Because any place
is a good place to start an attack, it is in the ultimate interest of advanced
economies to work with other countries to share information, coordinate
actions, and build capacity.
At the IMF, we work with
countries that need to build this capacity, developing the skills and expertise
needed to recognize and effectively counter cybersecurity threats. Our
international partners are doing the same, and we work regularly with an array
of stakeholders in the public and private sector.
Successful cyber-attacks
have the potential to hamper financial development by creating distrust,
especially if personal and financial data are compromised.
If we want to reap the
benefits of new technologies that can develop markets and expand financial
inclusion, we have to preserve trust, and ensure the security of information
and communications technologies. With cybersecurity, there is always more to be
done simply because the pace of change is breathtakingly fast.
Related News