Cyber crime: EA banks on the receiving end
By Semaj Itosno, Nairobi, Kenya
Banks in East Africa could lose their battle against cyber criminals unless they fix loopholes in the online systems, a new survey by audit firm Deloitte, warns.
The survey shows that East African banks lost USD48.3 million to fraud in the eighteen months ended June 2012.
This is 25% higher than a similar period in two years ago.
But the damage could be grimmer if banks had to reveal all the finer details of the fraud cases they have faced.
According to Deloitte, the USD48.3 million figure is an understatement. Sadly, the survey reveals that about 50% of total fraud was an ‘inside job’ and banking officials were involved.
“The pervasiveness and magnitude of fraud is on the rise. Technology is turning out to be a double-edged sword,” Robert Nyamu, Deloitte’s Forensic Director said.
Another report recently released by an IT security consulting firm, Serianu revealed that cyber criminals were sharing information on security gaps in Kenyan banks and leaking credit card information for as little as USD9.6.
The Serianu report revealed that more than 80% of Kenyan websites are built on open source software such as Wordpress, Joomla, Apache and MySQL whose security codes are available online for free.
According to William Makatiani, the managing director at Serianu Ltd, Government websites and banking institutions remain the most vulnerable targets since most of their website are developed externally but they rarely do a check on their security settings or update them.
“During our research, we came across a credit card shop that was selling credit card data issued by banks located in Kenya,” said Makatiani.
The study was done between the months of January and April this year and lists bank accounts, credit and debit card details as the most looked for data by cyber criminals.
Online fraud has been growing steadily in Kenya and commercial banks are estimated to lose USD36million to cyber criminals annually.