By John Churu, Gaborone, Botswana
Recently, the Botswana Institute of Bankers (BIoB) held its symposium in which a topic “Managing data fraud in a technologically savvy era: Implications of impact on the banking Industry in Botswana,” was one of the items on the agenda. Participants agreed that the reason why there is an increase in cyber crime is partly because of the increase in bandwidth and processing power and the reduction in the cost of using the internet as well as abundant information available globally.
“There was a trend towards theft of data, not just direct theft of money and this was sold to other criminals who use it for various types of crime ever, data is becoming much more valuable than ever,” said one of the conference specialists on cyber crime related to banks, Dzikamani Nganunu. He added that, the Botswana government was working towards puting together a data protection act.
According to Nganunu, there were a lot of risks for banks in Botswana and this partly stemmed from the fact that risks lie in the infrastructure connecting banks: clearing systems, payment systems, ISPs, Telcos and the general national infrastructure which include water, power, airspace.
Where are the risks for banks in Botswana, according to the expert; because “Hackers can take down national power grids hackers can switch off industrial and mining operations, hackers can render airspace inoperable, hackers can disable telecommunications infrastructure,” it means there is a great degree of risk in the banking sector in this country.
The insider threat is probably the greatest risk since most cyber breaches are through authorised users such as employees. Cyber criminals target bank employees with spear phishing emails, Social media is often used to gain a profile of the employee, very targeted emails are sent with an attachment, once the attachment is clicked, the network is compromised.
“Are you an insider threat to your organisation?” Nganunu enquired from the audience. Do you open attachments from people you don’t know? Do you have anti-virus software on your mobile phone? Do you log into WIFI hotspots at airports, conference centres, cafes? Have you changed the default password on your WIFI router at home? What about network printers, surveillance cameras…?
“The cyber attack may render PCs inoperable,the attack may jumble account data account numbers, names, balances and as for Ransomware, the attack may encrypt email systems subject to payment of a ransom,” There was a very urgent need according to this BIOB gathering to educate users, managers, board members as well as customers about the dangers in cyber crime including the use of social media systems.
Companies were encouraged to design and implement a robust cyber security policy including the use of social media, profile employees with access to critical information and systems and insist on the promotion of a code of ethics at IT training Institutions.
Dzikamani Nganunu felt there was not enough being done by banks locally to share information on this type of crime. “Banks in Botswana need to disclose their cyber breaches to each other,” he explained. There should be information sharing to encourage companies to shareinformation on cyber attacks.
Perhaps there should be a role for the Botswana Institute of Bankers (BIoB) to facilitate this information sharing, Nganunu said to the august house of the country’s custodians of wealth and cash. Since banks are not fully aware of the risks that are at their disposal, they should be encouraged to strengthen their defences and also draw up a digital agenda and adaptable strategies.