Moody’s warns banks of increased cyber risks

Mumbai: Global rating agency Moody’s Investors Service has warned banks of increased risks of cyberattacks during the ongoing covid-19 pandemic as employees are still adjusting to their work from home routines and lenders are shifting most physical processes into digital.

These attacks can be in the form of phishing emails, malware attacks and social engineering frauds as well, Moody’s said on Tuesday. Moreover, Banks’ digital customers are a natural target for fraudsters, they said.

“Social distancing has created a surge in demand for contactless payments, digital cash transfers and online banking, as well as remote working by bank employees,” said Alessandro Roccati, Senior Vice President at Moody’s.

The New York based rating company said that banks can mitigate these risks in three ways. The first is by having a strong corporate governance, including cybersecurity frameworks, policy enforcement and reporting. The second is risk prevention and response, and recovery readiness, they said.

The third, Moody’s said, is by sharing information with other banks, and adoption of international standards and regulatory oversight.

It said that external actors have been the largest perpetrators of cyberattacks on the financial sector, causing 64% of data breaches compared with 35% by internal actors.

Cyberattacks are mostly financially motivated and seek easily monetized data stored by the victim organizations. Attacks have various, and sometimes multiple, goals but the vast majority target personal data, with a minority focused on credentials and bank data, Moody’s said.