On the road to open banking
Matthew Glenn: Australia's banking regime is a proactive ecosystem
Australian banks are working hard to get ahead of regulators and scrutinise their cyber security procedures in line with a global financial community still haunted by the $US81 million digital heist of the Bangladesh’s central bank in 2016.
That’s the view of the newest major entrant to the region’s cyber security community, Silicon Valley-headquartered Illumio, which last month opened its regional head office in Sydney.
Illumio product management chief Matthew Glenn said the decision on behalf of many Australian financial institutions to be proactive in so-called “micro-segmentation” — a cyber security method that aims to compartmentalise risk by segmenting data centre workloads and network regions — was key motivator for the company’s decision to hang out a shingle in Sydney.
Mr Glenn described the Bangladesh hack as a “canary in the coal mine” incident providing an indication of how members of the international payment transfer ecosystem would react to a breach of its scale.
Regulators from Hong Kong to Germany, he said, were moving on financial institutions to put in place measures to avoid a repeat of the incident, but in Australia no such motivation appeared to be needed.
“They’re taking the bull by the horns and starting to do it on their own which was really refreshing, because why would they wait for it to happen? They’re just actively doing it ahead of time,” Mr Glenn said.
Global paranoia in the wake of the Bangladeshi cyber-heist has been high with blame sheeted towards malware that infiltrated client software installed on bank servers for the global SWIFT payment system, cooperatively owned and operated by 3,000 financial institutions around the world.
In that attack, hackers attempted to swindle Bangladesh’s central bank of nearly $US1 billion dollars by sending fraudulent SWIFT messages to the Federal Bank of New York.
The attack was complex, allegedly involving compromised bank credentials in Bangladesh and faked bank accounts in the Philippines; a definitive understanding of how it occurred is yet to be reached.
However, it’s believed malware played a role in the heist, if only to give the hackers a way to understand the bank’s business processes and cover their tracks.
The attackers used holidays in Bangladesh to minimise the potential for detection and Illumio says that’s what Australian banks are trying to overcome — not letting unusual or unexpected activity within an organisation’s infrastructure go unnoticed.
Illumio’s segmentation software is designed to pick-up on unusual “East-West” traffic and activity —internal as opposed to “North-South” pointing to external threats — within a cloud computing environment.
The company has just announced a partnership with Qualys to integrate its vulnerability mapping features into its software engine to let customers know when their applications are unsafe or interacting in unusual ways.
Mr Glenn said that the first steps that banks were taking was to develop a picture of how their applications behaved by mapping their dependency on each other within the business system environment.
“If something strays from those normal communications patters, then that is a sign that something maybe isn’t right,” Mr Glenn said.
Illumio chief technology officer PJ Kirner pointed to Australia’s recently enacted mandatory data breach notification laws as another positive score for the country’s cyber security report card.
The scheme which came into effect from February requires companies with an annual turnover of more than $3 million to notify individuals if their personal data is involved in a serious breach.
The Office of the Australian Information Commissioner has released statistics revealing that Australian organisations reported 63 data breaches in the scheme’s first six weeks of operation — compared to 114 reported voluntarily in the whole of FY2017.
Mr Kirner said that, following in the footsteps of other jurisdictions, the laws would increase the motivation of organisations in Australia to take a more granular approach to monitoring the security of their various systems as more breaches were reported.
“You guys are only on the beginning of that journey but as time goes on that will pay off,” Mr Kirner said.