Risk Management Special - May 2017 - CIOReview India Magazine 8

| | May 20178CIOReviewhere's an 11-hour time difference between Bangladesh and the US, with the former ahead by almost half-a-day. February 4, 2016, was a Thursday in the US when the Federal Reserve Bank started receiving a series of requests from the Bangladesh Central Bank to pay payments totally nearly USD 1 billion to accounts individual accounts in Sri Lanka and the Philippines. Most of Bangladesh was closed for Friday prayers when the requests came into Fed.Bangladesh's central bank, like many other countries, maintained an account with the Fed for international transactions. Within a matter of hours around USD 101 million had been paid out when the word `Jupiter', was part of the address of one of the individuals to whom the money was being paid, triggered an alarm for an entirely different reason.By chance, Jupiter was also the name of an oil tanker and a shipping company under United States' sanctions against Iran. That sanctions listing triggered concerns at the New York Fed and spurred it to scrutinize the payment orders more closely. It was a "total fluke" that the New York Fed did not pay out the USD 951 million requested by the hackers. The incident revealed worrying weaknesses in the global financial system, despite several irregularities in the payment requests. The messages lacked the names of "correspondent banks" the necessary next step in the payment chain. Most of the payments were to individuals rather than institutions. The Bangladesh heist is an insignificant sum compared to the vast amounts being lost in cybercrime around the world. The global cost of cybercrime will reach USD 2 trillion by 2019, a threefold increase from the 2015 estimate of USD 500 billion, according to "The Global Risks Report 2016," from the World Economic Forum; and a significant portion of cybercrime goes undetected. This is particularly true in the case of industrial espionage and the heist of proprietary secrets, because illicit access to sensitive or confidential documents and data is hard to detect.Closer home in India, over 50,300 cybersecurity incidents like phishing, website intrusions and defacements, virus and denial of service attacks were reported in 2016. Last September India's largest bank, State Bank of India, was forced to block close to 6 lakh debit cards following a malware-related security breach in a non-SBI ATM network. Several other banks, such as TIN MY OPINIONBy Amitabh Ray, MD, EricssonAmitabh Ray is a global management and technology professional with over two decadesof cross-functional rich leadership and hands-on experience incorporate strategy, management consulting, program & engagement management, change management & systems integration. Currently, he is the MD at Ericsson Global Services India and is responsible for managing operations in the areas of R&D, product development, pre-sales & sales support, services delivery and a number of global shared support functions.Using Artificial Intelligence to Crack the Cyber-Risk Code
< Page 7 | Page 9 >