An Internet of Things cyberattack is the new risk to banks, writes Brian Caplen.

Banks have spent a lot of time and money making their websites safe from cyberattacks. They have focused on data and identity protection – giving customers devices that generate security codes and texting to verify transactions. They have tried to educate customers on the risks. 

But the furore over the hacking of the US Democratic National Committee by the Russian state shows how phishing with fake websites can still deliver results. Default or simple passwords are still in abundance. 

If some bank customers are still using '123456' and ‘password’ for their bank accounts, you can be sure that vast numbers are doing the same for smart devices that control their fridges, DVD players, web cams and other household items. After all, who cares if President Putin orders your fridge to be switched off? It hardly seems that serious. 

But the ability for hackers to use the Internet of Things as a way of disrupting everyday sites such as Facebook, Amazon, Twitter and Netflix became clear last October. In this hack, the sites in question were not breached but instead smart devices were taken over and bombarded with information in a distributed denial of service attack. 

This was aimed at Dyn, a domain name server company – the infrastructure that translates IP addresses into computer language – whose clients include the impacted sites. 

Banks cannot afford to be relaxed about this new form of cyberattack. This was also the method used against five Russian banks including Sberbank, which said it was able to neutralise the attack. A more successful attack would have been damaging to reputations through loss of service even if the actual accounts were not hacked. 

John Drzik, president, global risk and specialties, for insurer Marsh says: “The big mindset shift for companies is to see cybersecurity as a risk issue and not an IT issue and to look at it in terms of governance and how much to invest in response as well as in protection.” The risks associated with emerging technologies is one theme explored in the World Economic Forum’s Global Risks Report 2017

Brian Caplen is the editor of The BankerFollow him on Twitter @BrianCaplen

Register to receive my blog and in-depth coverage from the banking industry through the weekly e-newsletter. 

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter