By Alphus Hinds, Chief Information Security Officer (CISO) for Standard Bank, CIB International
There has been a staggering rise in the number of cyber attacks globally in the past few years, and particularly since the outbreak of Covid-19. With the digitisation of every industry and the reams of online data, the opportunity to go after what are seen as valuable assets or information is increasing.
Cybercrime is increasingly being directed at HNWIs (high net worth individuals) and family offices. According to a Campden Research study, more than a quarter of ultra high net worth (UHNW) families, family offices and family businesses, with an average wealth of US$1.1bn, have been targeted by a cyber attack.
“HNWIs are viewed as high-value targets by cybercriminals, and they are often more vulnerable than corporations due to their less robust security measures,” says Alphus Hinds, Chief Information Security Officer (CISO) for Standard Bank, CIB International. Cybercriminals regularly make use of publicly available information to build a picture of an individual’s footprint, which is used as part of a fraud campaign known as social engineering whereby fraudsters manipulate people to provide confidential information. The use of phishing emails is another way cyber criminals gain access to personal and confidential information.
Phishing requests often seem legitimate, either requesting the receiver to click on a link which directs them to a spoofed website requesting confidential information or to download an attachment so that malware is downloaded that can extract people’s banking credentials to access their financial accounts. This information is used by the cybercriminals to perpetrate fraud on digital banking channels.
Business email compromise (BEC), which remains one of the costliest types of online fraud, is another method used to conduct online fraud. Alphus mentions that HNWIs typically engage via email with multiple sources across platforms and are often victims of BEC. In these instances, hackers will intercept a thread regarding a transaction and impersonate the other party. The individual may think the transaction is going to the intended party, but the money is then transferred to an account under the control of cybercriminals.
Further to the above, rogue mobile apps uploaded to popular app stores were up 140% compared to the prior year. Rogue mobile apps are apps created by cyber criminals to imposter banking apps to infect consumers’ devices with malware capable of harvesting user credentials to conduct account takeover attacks (the cybercriminal takes over the device to access digital banking to conduct fraud).
“Due to South Africa being one of the top three destinations worldwide for phishing-related attacks, we encourage clients to remain vigilant and apply increased caution should they receive emails or even SMSes with links. Individuals also need to be very vigilant and judicious when determining which apps to download and make sure that these are verified.”
As a result of the proliferation of online crime, governments have had to act swiftly to protect against threats to information. Sadly, they often do not have the best technologies or processes in place to protect this information. They have, however, undertaken to strengthen their security posture; how they go about security and preserving our information integrity through the introduction of data privacy and cyber security legislation.
While the introduction of these legislations provides some level of comfort, it is critical for HNWIs to understand that they are responsible for protecting their information, assets and loved ones.
The implementation of a cyber security plan in this context might not be a task that you want to take on yourself. There are third parties that specialise in this area and understand that operating globally comes with a host of different risks. Threats in China are different to those of the United States, for example.
2021 has witnessed a prolific rise in the scale and ferocity of ransomware attacks - from large financial demands to leaked data to major disruption of services. HNWIs are not immune and are targeted by ransomware attacks. At the heart of a ransomware attack is the encryption of vital data/files denying organisations or individuals access until they pay a ransom to the ransomware crews (cyber criminals) in exchange for decryption keys. “Cybercrime is always evolving; we have also seen a twist of the classic ransomware attack, with 'ransomware crews’ asking for payment not to make stolen data public, in addition to wanting payment for decryption keys to regain access to your data.”
Security controls must, of course, be proportionate to the level of risk you face, so it is important to consider what you want to protect (valuable assets and confidential information), as well as how potential threats or risks will affect you. A good place to start is scanning your inbox to see if you have received any phishing emails, do not open them and be cautious when disclosing information. You might also want to make sure that you encrypt any sensitive information you view as valuable. You may be familiar with multi-factor authentication, which ensures that only you can access your data. Make sure that it is enabled on all your devices and operating systems.
Cyber insurance is becoming a key tool within the armory of cyber defense at a corporate and individual level. HNWIs must consider procuring cyber insurance as part of their cyber security strategy.
Many people confess to using the same password across multiple platforms, or a password containing personal information or worse, both. Alphus says that this makes them easy prey as they can be hacked with ease. Fortunately, password-less technology is now available. With a Microsoft account on Windows 10, users can opt for the Hello app, which uses facial recognition rather than a password to enable access into apps or platforms. Alternatively, password managers can generate a strong password that you do not need to remember. Finally, remember to never, ever write your password down.
These may sound like some of the most basic and simple security controls to put in place, yet most people do not make use of them. However, if you can get the basics right, you will cut out 80% of your vulnerability. This leaves 20% to focus on the concentrated, advanced, persistent threats.
HNWIs will typically have third parties represent them, and it is important to be sure the third parties are secure. It is essential to find out how they store your information and who has access to it. In addition, there are third-party companies that perform third-party risk assessments on vendors and can verify they are secure and compliant.
Standard Bank recognises that trust is one of the most fundamental client needs. It is firmly established by preserving and protecting the information, data, and any physical assets of its clients. This is accomplished through the development of a rigorous security strategy and multiple controls. Increasingly, cyber risk is not only a technology issue but a boardroom issue. It is a risk that potentially not only exposes our client, but that of the corporation as well - because if appropriate controls are not put in place to protect information, not only are parties and individuals exposed to cyber threats and data breaches, they also risk hefty fines under new legislation such as the GDPR.
Standard Bank’s security strategy involves a multi-layered approach that leverages both human and technology skills. It has several protections in place like antivirus software and technology solutions that ensure data is encrypted, emails are monitored for malware and phishing, while closely observing the behavior of those who have network access to prevent weaknesses. The cyber security industry has seen a rise in the security operations centre, which the bank has in place, where experts proactively hunt for threats 24/7, with the assistance of artificial intelligence.
However, while threat detection and monitoring are critical, being able to respond to those threats appropriately through a proper incident response plan is key. The Standard Bank mindset is: verify first before you trust the source.