Banks in Bangladesh are making vigorous efforts to prepare themselves to resist sophisticated cyberattacks and protect banking information and infrastructures vulnerable from such attacks.
They have been investing heavily in technology infrastructure solutions and manpower development in a bid to achieve increased productivity, efficiency and profitability, said a senior official of Bangladesh Bank.
Information Communication Technology has become a mainstay of banking services and has made banking truly global, he said, adding that electronic banking is nowadays the key means for conducting financial transactions.
Business operations in the banking and financial sector have becoming increasingly dependent on the computerized information systems, said the central bank official.
He, however, added that cyber security has not been properly addressed by the banking sector of Bangladesh, even though in recent times the financial services industry has been under persistent threat here.
Cyber security is the ability to protect or defend the use of cyberspace from cyber-attacks, according to the National Institute of Standards and Technology, USA.
However, according to a study report published recently, 28 percent banks in the country have no preparation to resist any possible cyber attack.
The study has found that incidents of ATM Card forgery takes place much more while the banks suffer a lot duty to lack of skilled IT workforces.
So far, the central bank has organised many seminars on cyber security to make people aware.
Meanwhile, the SWIFT (Society for Worldwide Interbank Financial Telecommunication) has encouraged training Bangladeshi bankers and ministry officials to help them prevent, detect and respond to fraudulent acts, sources said.
The move has been made as criminals have sharpened their nails by engaging sophisticated means to burst into the cyber accounts of individuals and institutions.
The SWIFT is the global provider of secure financial messaging services which most of the banks across the world use to carry out financial transactions.
Regional head of SWIFT for India and subcontinent Kiran Shetty recently communicated his interest to be engaged with the finance ministry and the central bank on this issue.
In a letter sent to Bangladesh High Commission in New Delhi, he said there had been a significant evolution in cyber threats facing the global financial industry over the last 18 months “as adversaries have advanced their knowledge”.
“They have deployed increasingly sophisticated means of circumventing individual controls within users’ local environments and probed further into their systems to execute well-planned and finely orchestrated attacks,” Mr Shetty said.
He also wrote that SWIFT launched the Customer Security Programme (CSP) in 2016 to raise awareness and empower its customers.
Its global payments innovation (GPI) is transforming correspondent banking and enables faster, more efficient payment combined with transparency of transactions and fees across the payments chain.
“SWIFT is engaged with the banks in Bangladesh to assist them in using SWIFT products and services, provide technical training and help with their CSP attentions,” Mr Shetty said.
“We are keen to talk about the CSP and GPI initiatives with the finance ministry and the central bank and agree on workshops to educate the community in Bangladesh,” he said in his letter.
Like other global banks, Bangladeshi banks, including the central bank, also use SWIFT’s financial messaging service in inbound and outbound payments.
However, the cybercriminals succeeded to steal US$101 million from the Bangladesh Bank (BB) reserves deposited with the US Federal Reserve Bank in New York in February 2016, and channelled to accounts at a bank in the Philippines, by placing fraudulent orders on the SWIFT payments system.
The hackers sent 35 orders, via the SWIFT, to transfer around $951 million from the BB’s account with the Fed on February 4 to a series of private accounts in other countries.
The Fed executed five of these orders, transferring $101 million to four private accounts in the Rizal Commercial Banking Corporation (RCBC) in Manila and one to the account of a non-governmental organisation in Sri Lanka.
It, however, did not carry out the remaining 30 transfer orders, totalling $850 million, and instead sought reconfirmation from the BB.
Mr Shetty in his letter also said the SWIFT would again make available the GPI Stop and Recall service in the third quarter of this year. The service is a powerful tool in allowing banks to stop fraudulent or erroneous payment instructions instantly, no matter where it is in the payment chain.
If such a payment is stopped, every bank in the payment chain would be notified at the same time. And if the payment was credited, the instructed bank would receive an immediate recall of funds instruction.
“SWIFT is committed to supporting our community in responding to persistent cyber threat,” he added.
He also wrote that SWIFT’s customer security programme is already making a strong impact on assisting its customers in preventing, detecting and responding to fraud and reinforcing the security of global banking.
A senior official at the Ministry of Finance (MoF) told the FE that they welcome such a move taken by SWIFT as the cyber system is becoming increasingly risky day by day.
He said they will be happy to get engaged more with the SWIFT to ensure security of banking and payment systems.