Cyber crime: EA banks on the receiving end
SECURITY| July 31, 2012, 4:06 p.m.
By Semaj Itosno, Nairobi, Kenya
Banks in East Africa could lose their battle against cyber criminals unless they fix loopholes in the online systems, a new survey by audit firm Deloitte, warns.
The survey shows that East African banks lost USD48.3 million to fraud in the eighteen months ended June 2012.
This is 25% higher than a similar period in two years ago.
But the damage could be grimmer if banks had to reveal all the finer details of the fraud cases they have faced.
According to Deloitte, the USD48.3 million figure is an understatement. Sadly, the survey reveals that about 50% of total fraud was an ‘inside job’ and banking officials were involved.
“The pervasiveness and magnitude of fraud is on the rise. Technology is turning out to be a double-edged sword,” Robert Nyamu, Deloitte’s Forensic Director said.
Another report recently released by an IT security consulting firm, Serianu revealed that cyber criminals were sharing information on security gaps in Kenyan banks and leaking credit card information for as little as USD9.6.
The Serianu report revealed that more than 80% of Kenyan websites are built on open source software such as Wordpress, Joomla, Apache and MySQL whose security codes are available online for free.
According to William Makatiani, the managing director at Serianu Ltd, Government websites and banking institutions remain the most vulnerable targets since most of their website are developed externally but they rarely do a check on their security settings or update them.
“During our research, we came across a credit card shop that was selling credit card data issued by banks located in Kenya,” said Makatiani.
The study was done between the months of January and April this year and lists bank accounts, credit and debit card details as the most looked for data by cyber criminals.
Online fraud has been growing steadily in Kenya and commercial banks are estimated to lose USD36million to cyber criminals annually.
MORE SECURITY NEWS
F5 introduces standalone security products to defend against targeted attacksF5 DDoS Hybrid Defender provides superior infrastructure protection by combining multilayered DDoS defence across network, session, and application layers. Read More
Ethical Hacking students can’t get a heck of a jobBotswana ethical hacking students report that they are failing to break into the local job market. Read More
Pokémon GO: Sophos warns against malicious copycatsResearchers at IT security company Sophos have warned mobile users to be cautious when downloading augmented reality (AR) mobile games. Read More
New PCI multifactor authentication rules: Is it too late?The PCI (Payment Card Industry) Security Council has extended its requirements for multi-factor authentication to anyone who has access to credit card data. Read More
Web apps, a leading cause of security breachesWeb applications are the leading cause of security incidents for financial services, according to the 2016 Verizon Data Breach Investigation Report; this is up from 31 percent from last year’s report. Read More
Analyst firm Ovum publishes SWOT analysis of Arbor Networks Spectrum v2.1Arbor Networks has announced that leading global telecoms analyst firm, Ovum, had published a strengths, weaknesses, opportunities and threats (SWOT) analysis of version 2.1 of Arbor Networks Spectrum. Read More
New RSA Via solution innovations strengthen identity assurance and governanceRSA, The Security Division of EMC, has announced new, innovative identity assurance and identity governance capabilities in RSA Via, designed to help organisations effectively balance security and user convenience as they assure identities and better govern and manage privileged access. Read More
Study affirms the DDoS challengeThe threat of DDoS is becoming ever more ubiquitous and attackers continue to ramp up in both scale and frequency. Read More
The sum of details at hand equals the quality of a cyber threat investigationJust like any detective investigating a crime scene, security analysts need to be able to access all the information pertaining to any threat incident they are investigating. Read More
FEATURED STORYFirst-ever Africa Barclays Accelerator programme concludes
Ten fintech companies have concluded the first-ever Barclays Accelerator, powered by Techstars in Africa.
BEST READ NEWS
IN DEPTHEthical Hacking students can’t get a heck of a job
Botswana ethical hacking students report that they are failing to break into the local job market.