In Depression-era America, bank robbers John Dillinger, Baby Face Nelson, and Pretty Boy Floyd were household names. Newspapers detailed their heists, radios narrated their getaways, wanted posters plastered their mug-shot scowls from coast-to-coast. Every detail of their bank robberies and personal lives was seized upon, scrutinized, circulated, and discussed.
Eight decades later, bank robbery is a digital, systematic crime practiced – with methods constantly improved – by organized syndicates. The stubbled faces of Dillinger, Nelson, and Floyd have been replaced by shapes on the world map tracing the borders of Russia, North Korea, and Iran. A former NSA Deputy Director said publicly in March that “nation states are robbing banks.”
A 2015-16 campaign stole hundreds of millions of dollars from banks in the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network. SWIFT network banks in. That campaign, which targeted developing countries, was linked to the North Korean Reconnaissance General Bureau (RGB), security analysts believe. In 2017 North Korean hackers targeted at least three South Korean cryptocurrency exchanges, capitalizing on Bitcoin’s anonymity to circumvent international sanctions. The Pyongyang University of Science and Technology has begun offering its computer science students classes in Bitcoin and blockchain.
The best cybercriminals in the world live in Russia, where they are largely immune from prosecution. For instance, one of the cybercriminals who hacked Yahoo at the behest of Russian intelligence services, compromising millions of accounts, used the stolen data for spam and credit card fraud for personal benefit. Iran’s DDOS attack on leading U.S. banks exemplify its coercive strategy to exert influence through disruption and destruction.
Hackers in these countries, whether affiliated with the state or not, account for much of the cost of global cybercrime. The latest strategy of their sophisticated operations is to target the “seams” between well-defended networks, exploiting weak points in the global financial network to pull off massive heists and in some cases further their national rhetoric.
To combat these operations, major international financial institutions are investing in defense, better fraud prevention, and transaction authentication. One report says that banks spend three times as much on cybersecurity as non-financial institutions to fight what has become a systematic risk to financial stability.
In the 1920s and ‘30s, the world sat back and watched John Dillinger, Baby Face Nelson, and Pretty Boy Floyd do their dirty work as the FBI slowly closed in. We can’t do that today. Governments, financial institutions, companies with banking records, and anyone with an ATM card should be invested in stopping financial cybercrime.
Banks have banded together to share information in near real time in order to protect the stability of the broader electronic financial system on which the world economy to heavily depends. Ultimately, they have determined that no one organization can go it alone with faced with such organized and well-funded adversaries. With the stability of the global financial system in play, unprecedented collaboration has become the new norm, we at McAfee embrace the same spirit by building all of our technology to facilitate the sharing of critical data across hundreds of technology partners. It appears sharing and collaboration will be the only way to counter this new breed of adversary and no one can go it alone anymore. The banks are leading the way in this new reality of Together is Power.