Home Today's Paper Most Popular Video Gallery Photo Gallery
Subscription Blog Signin Register
Logo
Friday, October 19, 2018 02:10:54 PM
Follow Us On: Facebook Twitter Twitter Twitter Twitter

Cyber attacks growing problem in developing nations

By
11th-Oct-2018       
Comments
Share your thought
Post a comment »
Read all () »

Silvia Baur-Yazbeck  :
Few experiences undermine a digital financial services (DFS) customer's finances and trust in DFS like becoming the victim of a cybercrime. This is especially true of low-income customers, who are least able to rebound from the losses, and of the newly banked, whose trust in financial services may be fragile.
Unfortunately, cybercrime is a growing problem in developing countries, where customers often conduct financial transactions over unsecure mobile phones and transmission lines that are not designed to protect communications. In Africa, the number of successful attacks against the financial sector doubled in 2017, with the biggest losses hitting the mobile financial services sector. DFS providers must adopt stronger cybersecurity measures to protect themselves and their customers. But which threats pose the greatest risk today?
In 2017, CGAP surveyed 11 DFS providers operating in Africa to understand how they perceive and mitigate cyber risks. We learned that all of them have been affected by cybersecurity incidents and are at various stages of implementing cybersecurity measures in their organizations.
While they are still most concerned about better-known types of fraud in DFS, such as malicious employees and agents, they are seeing themselves confronted with four types of risks emerging in cyberspace.
Social engineering
In a social engineering attack, the criminal tricks the victim into revealing sensitive information or downloading malware, which opens the doors to physical locations, systems or networks. The idea is to exploit a vulnerable person rather than a vulnerable system. DFS providers from Ghana, Kenya, Tanzania, Uganda and Zambia told us that fraudsters had duped their employees into sharing their user login details and then accessed corporate information systems. Most DFS providers consider careless or unaware employees to be a major factor in their organization's cyber risk exposure.
But DFS customers are a vulnerability, too. The newly banked are more likely to fall victim to this type of scheme because of their limited experience with digital fraud. Providers can guard against social engineering through regular awareness and education campaigns. It is also important to appropriately manage user access rights, introduce system log monitoring processes and require two individuals for completing sensitive transactions (i.e., maker-checker controls).
Data breaches
Using malware or social engineering, hackers can gain access to valuable information, such as credit card numbers, customer personal identification numbers, login credentials and government-issued identifiers. Weak patch management, legacy systems and poor system log monitoring were cited as the main reasons why DFS providers' systems are susceptible to hacking attacks. In addition to financial losses that can result from a data breach, providers' reputation and customers' trust are at risk. In 2017, thieves breached a DFS provider's systems in Kenya and stole hundreds of customers' identities.
The fraudsters accessed sensitive customer information, such as account types and last transactions, which allowed them to pass as legitimate customers and apply for loans in the victim's name. To protect against data breaches, DFS providers need to regularly update their systems and software, patch their systems, use strong encryption for data at rest and in transit and implement 24/7 system log monitoring.
Outages & denial of service attacks
DFS providers sometimes experience system outages during routine system upgrades or patches. Earlier this year, an upgrade gone awry left DFS users in Zimbabwe without access to their digital money for two days. Systems unavailability can also be the result of a cyberattack. For example, in 2017, M-Shwari customers in Kenya were left without access to their savings and loan products for five days. And, after the outage, several found inconsistencies in their account balances. The most frequent form of attacks that cause system unavailability are denial-of-service attacks.
In a denial-of-service attack, cyber criminals overwhelm a server by flooding it with simultaneous access requests, depriving legitimate users of access to the system.
In most cases, the objective is to harm the business. Yet, in some cases, cyber criminals have launched denial-of-service attacks to distract attention from an attempt to gain access to the system.
Effective countermeasures include continuous network traffic monitoring to identify and detect attacks while allowing legitimate traffic to reach its destination, a solid and tested incident response plan that allows for quick reaction in an emergency and strong change management processes and disaster recovery planning.
Third-party threats
DFS providers rely on third parties for a range of services, such as mobile network, information technology and data storage solutions. Sometimes, these providers misuse their system rights to access confidential customer information that they can sell or use for social engineering.
Also, a third party that handles sensitive information may not have appropriate safeguards against cyberattacks, putting at risk the confidentiality and integrity of the DFS provider's customer data. To address third-party threats, DFS providers should implement due diligence reviews of current and potential partners, including reviews of their security policies and practices.
Impact on low-income customers
If physical money used to be kept safe in bank vaults, what is protecting money now that it is digital? This is a financial inclusion question because the answer is especially important for low-income customers. In developed countries, it is usually the financial services provider that is legally responsible for bearing the cost of fraud. In developing countries, it is often the customer.
The experience of fraud and rumors of fraud experienced by others causes mistrust in DFS, especially among lower-income consumers. The DFS providers we spoke with in Africa recognize their need to invest more in cybersecurity for both themselves and their customers.
They acknowledge that better safeguards are needed to mitigate threats and be better prepared to respond to incidents. Failure to take the relevant steps could deter people from entering the formal financial system and significantly harm consumers and markets.
- IPS

Tariff
Add Rate

News Archive

Inside The New Nation

Football »

Chairperson of the Women's Football Committee of Bangladesh Football Federation (BFF) Mahfuza Akter Kiron speaking at a press conference at the conference room in BFF House on Thursday.


Editorial »

Finally a big loan defaulter held: Others must be nabbed soon


AFTER letting many businessmen get away with loan defaults, the government has finally become stern towards loan default and loan scammers by arresting Chattogram-based SA Group's managing director. Also a director of Mercantile Bank, Sahabuddin Alam was arrested on Wednesday on at least five counts of loan irregularities. The irregularities ...

International »

US first lady`s plane lands safely after smoke filled cabin


Reuters, Philadelphia :U.S. President Donald Trump said his wife, first lady Melania Trump, was safe on Wednesday after a mechanical problem forced her airplane, which was headed for Philadelphia, to return to the Joint Base Andrews military facility in Maryland."They had a problem, but she's fine," Trump said in an ...

Entertainment »

Tale of a rock legend


Sheikh Arif Bulbon :Ayub Bachchu, mostly known as AB, is the legendary name in the history of Bangladeshi band music. He was born in Chattogram on August 16, 1962. With tremendous fan acceptance Ayub Bachchu is famous for his fabulous guitar playing. He has started his music career from his ...

City »

A view of the protest meeting organized by United Students Forum held at the Jatiya Press Club demanding release of BNP Chairperson Begum Khaleda Zia and stoppage of giving farcical judgement in fake cases against Tarek Rahman on Thursday. Among others, Senior leader Nazrul Islam Khan was present on the occasion.


Football »

Groeneveld scores as Netherlands draw 1-1 with Belgium


AP, Brussels :Arnaut Groeneveld celebrated his first start for the Netherlands by scoring a first-half equalizer Tuesday as the Dutch drew 1-1 with neighbor Belgium.The 21-year-old midfielder who plays for Belgium's Club Brugge rounded off a flowing Dutch move in the 27th minute, controlling the ball with his left foot ...

Football »

Brazil's Miranda silences Argentina with last-gasp winner


AFP, Jeddah :Brazil snatched a dramatic 1-0 win over Argentina with an injury-time header from Miranda in their friendly match in front of a sell-out crowd in Jeddah, Saudi Arabia on Tuesday.The Inter Milan centre-back was left all alone to thump in a 93rd-minute effort from Neymar's corner when the ...

Editorial »

EC failed to prove its neutrality


WHEN the country is facing a political uncertainty over the polls-time government coupled with the dissatisfactory role of the Election Commission, Chief Election Commissioner (CEC) KM Nurul Huda on Tuesday said the Election Commission will do everything necessary to hold free and fair elections. Its sound good but the hollowness ...

International »

Irish author Anna Burns wins 2018 Man Booker Prize


Reuters, London :"Milkman" by writer Anna Burns scooped the 2018 Man Booker Prize on Tuesday, with the Northern Irish writer winning the literary award for her third full-length novel.Set in an unnamed city during the bloody "Troubles" of Northern Ireland, the "Milkman" tells the coming-of-age story of a young girl's ...

City »

Bangladesh Federal Union of Journalists (BFUJ) leaders covering their months with blackclothes, demanding amendment of 9 Sections of the Digital Security Act as black law in front of Jatiya Press Club on Wednesday.


Entertainment »

Affri Selina in three films


Sheikh Arif Bulbon :Affri Selina is establishing her position in media slowly day by day. Earlier, she had interest to perform as a model in showbiz but later she became interested to acting. So, now she has full concentration to acting. Yesterday she took part in shooting of a music ...

Cricket »

ICC WC Trophy to arrive in Bangladesh today


ICC World Cup (WC) Trophy will arrive in Bangladesh today as part of its worldwide 'Trophy Tour' ahead of ICC Cricket World Cup 2019 scheduled to be held in England.The trophy will be visiting Bangladesh's three cities - Dhaka, Sylhet and Chattogram over five days period. It will be displayed ...

Sports »

In this photo provided by the OIS/IOC, Russia's Mariya Kochanova competes in the Women's High Jump at the Athletics Field during the Youth Olympic Games in Buenos Aires, Argentina on Monday.


International »

Maldives court rejects Yameen's secret witnesses


AFP, Colombo :The Maldives' top court rejected on Tuesday three "secret" witnesses offered by President Abdulla Yameen in his petition to have his September election defeat annulled, in what is likely a major blow to his case.The refusal came as the Supreme Court concluded its hearings, which also saw Yameen ...

Business & Economy »

Microsoft co-founder Paul Allen dies


AFP, San Francisco :Paul Allen, who founded Microsoft with Bill Gates in the 1970s and later went on to become an investor, philanthropist and sports team owner, died Monday after his latest battle with cancer at age 65."My brother was a remarkable individual on every level. While most knew Paul ...

 
Items that you save may be read at any time on your computer, iPad, iPhone or Android devices.
 
Are you new to our website? Do you have already an account at our website?
Create An Account Log in here
Email this news to a friend or like someone
Email:
Write a comment to this news