Pre-emptive measures key to curbing cyber fraud, ATM thefts

Pre-emptive measures key to curbing cyber fraud, ATM thefts
But still, why Malaysian ATMs? In the 1990s, credit card fraud was a common thing here. Now Malaysia is said to be the fifth most vulnerable nation to malicious software (malware) attacks after Indonesia, China, Thailand and the Philippines.

Some people from Latin America are making headlines by stealing money from our banks right under our noses.

They seem to have a way with technology, using a special key to open up the automated teller machines (ATMs) and punching in some numbers, and BINGO ...

Thus far they have hit 18 ATMs in Johor, Malacca, Selangor and Kuala Lumpur and carted away with RM3 million (S$1.2 million).

Perhaps they also found an old ATM manual to be able to figure out how to hack these machines.

This is like the story reported of two teenage boys in Canada who found an old ATM operators manual online and decided to make a go for it. The manual had some features of the ATM that gave access to data like cash balances, customer charges and transactions, and all these were protected by a mere password.

After punching some numbers to unlock the password, they got into the system. Unlike the suspected Latin Americans, these two boys alerted the bank to tell them how easily their systems were compromised. If they were criminals, they would not have alerted the bank but instead carted away with the loot.

An IT expert pointed out that criminals normally went for the low-hanging fruit - they targeted the weakest link where there was least resistance.

But still, why Malaysian ATMs?

In the 1990s, credit card fraud was a common thing here. Now Malaysia is said to be the fifth most vulnerable nation to malicious software (malware) attacks after Indonesia, China, Thailand and the Philippines.

It ranks fifth out of 10 countries that are riskiest to threat of cyber attacks, and is seen as an emerging market for these criminals.

There are an average of 17.66 phishing sites per 1,000 host computers in the country, three times more than the global average of five. A phishing site is a fake website which asks victims to update personal information such as their password, credit card, social security or bank account numbers, and hacking is a way to break into a secured computer link.

Hacking has been happening since computers were first introduced, and ATM hacking is common globally. Thus far reports say global ATM hacking has led to RM147.8 million in losses.

But ATM hacking is just the tip of the iceberg. The bigger threat is when our smartphones, tablets and computers are compromised as they contain our personal data. Just imagine doing an online transaction which goes to someone else across the globe.

Last month, eight people lost RM59,000 after their mobile devices were hacked with the "Zeus" malware, which tricked them into providing confidential banking details.

With the speed of evolution of technology, the need to have multiple defence protection layers is not just necessary but critical.

To provide convenience to customers be it in the form of ATM cards, online banking or other online tools requires continuous investment in information technology. And that means spending hefty amounts in IT expenditure yearly.

As it is financial institutions are already investing in ICT yearly, but providing a basic layer of protection may not be the solution as the cyber fraud threat becomes more sophisticated than before.

There is also a need to invest in a trigger mechanism to flag any fraud activity and stop a transaction. This can help financial institutions and their customers save millions of ringgit a year.

Therefore, these institutions need to take a pre-emptive stand and look at different options to better protect themselves and their customers, and where customers' money is concerned, safety should not be compromised.

There are lessons to be learnt from the ATM hacking episode not only for the financial institutions but individuals too. Smartphones, tablets and laptops are vulnerable to cyber attacks and they need to be adequately protected or individuals will succumb to cyber attacks. As an expert pointed out, the malware can be inherent in the device and those who want to hack can activate it from half-way around the globe.

More about

Purchase this article for republication.

BRANDINSIDER

SPONSORED

Most Read

Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.