I was reading a cool article from NYT (here) about possible links between hacking operations and heist made thru international networks. I was also wondering about the perception of bank’s security today, as seen from the everyday client.
You see, I work in the IT and I know for sure how much money has been invested in the last three decades to have the best security level possible, not to mention all the national and international laws made to protect sensible data at any level.
Truth is, no open system is 100% safe. No matter how good are the security standards, how much money and efforts have been set up and what else incredible instrument you could imagine. At the very core of any system, there will be human operators. They are the weak spot.
Of course, banks knows about that. I’ve seen all the sorts of training systems, designed to improve and maximize the awareness of hacking risks when using the IT structures of the bank. Most of them were nothing but well-written trash. Even the good ones, the few that makes any real sense, were flawed by an error: nobody cared for the people who should use it.
You can’t hammer in the mind of your clerks, staffers and low-level collaborators that they should be more focused on security, that they should pay more attention to any detail and bit of their procedures while you’re pressing them to do more and more underpaid work hours. Sorry, big managers, it doesn’t work this way.
So, are your personal data safe? And is your hard-earned money safe?
The answer to the first question is a full NO. There are dozens of well-documented episodes, from all around the world, that shows that banks are a full-round target for hackers of every kind, often sponsored by national governments. Even without hacking actions, just think about how easy it is to bribe somebody to look at your data.
The answer to the second question is different. In many countries, there are laws and warranties, sometime insurances, that are set up to guarantee your money back if a successful heist takes place in the bank. It’s not a fast process and you will lose some by the way but in such countries, you will be more or less safe. Other places are not covered at all. 100% of your money will be there, and good luck with the civil action against the bank.
As any other ludicrous activity, this kind of cybercrime is getting more and more organized. There are cartels based in Asia and in South America, so-called “respectable” firms based in Europe and in the USA that offer illegal access and more. That for giving a bit or two of a much bigger picture. Scary, isn’t it?