As the recent cyber attack on Tesco Bank shows, the threat from cyber criminals is a constant one for banks. However, as Brian Caplen describes, simply building ever-higher tech walls will not solve the problem; staff monitoring and customer education must be carried out too.

Cyber attacks on banks are becoming more frightening. The latest attack on the UK’s Tesco Bank, for example, involved money being taken directly out of tens of thousands of current accounts and ending up, say customers, in countries such as Brazil and Spain.

Up to this point most attacks on banks have been on individual accounts – in which case individual error was likely to have contributed to the security breach – or involved large-scale data theft rather than money, such as that from JPMorgan in 2014. 

The danger is that in reacting to the situation, banks spend huge sums on new IT but fail to fix the basics concerning processes and people. For all its sophistication many commentators think the attack on Tesco Bank would have required insider help. The same is true of the $81m heist at Bangladesh’s central bank in February. 

So that means banks need to spend as much effort on monitoring processes and hiring policies as on building ever-higher tech walls. But even this would not get near to solving the problem – that requires educating the customers. Research shows that the most favoured internet password is '123456' followed by 'password' and that young people are the biggest​ offenders when it comes to online carelessness. The comparison website Gocompare.com claims that half of millennials use the same passwords and PINs across multiple accounts, and since they share their personal data on social media, the task of figuring out their passwords is made a whole lot easier.

This presents banks with a difficult problem to solve but only by focusing as much on education as tech spend can there be any progress.

Brian Caplen is the editor of The Banker.

Order The Banker July edition

FREE trial access to Top 1000 World Banks

Join our community

View from Sibos: cybersecurity

Swift CEO Gottfried Leibbrandt reviews the various industry initiatives to prevent cyberattacks.

The Banker on Twitter

By continuing to use this site you consent to the use of cookies on your device as described in our cookie policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them.