In short:
The NAB says the big four banks are under constant cyber attack, labelling it “asymmetrical warfare”.
Overseas malicious actors in countries where it is difficult to be extradited are incentivised to target Australian banks.
What’s next?
There are practical steps financial services customers can take to limit their risk of being hurt by a cyber attack or scam.
Australia’s big four banks are under constant attack, says the National Australia Bank’s executive for group investigations, Chris Sheehan.
“Every bank.
“Every bank is being attacked all the time.”
Australia’s big four banks, it has been revealed, are being bombarded by cyber attacks every minute of every day, leaving customers increasingly vulnerable to scams.
The attackers are trying to get into the banks’ computer systems, deny services to customers, use malicious code or breach security logins.
And the purpose of these attacks?
“If it’s not us being attacked, then our customers are being attacked, in an effort to steal their information and their money.
“There’s no typical demographic.
“The entire community is at risk,” Chris Sheehan told The World Today.
Indeed, Chris Sheehan is blunt — it’s warfare out there.
“We’re engaged in asymmetrical warfare on a day-by-day basis,” he said.
“We’re dealing with threat actors of all different types.
“From, being colloquial, Larry the loser, in the basement at home that’s having a bit of a chop away at the laptop and trying to steal money from people or hack into a system, all the way to highly sophisticated, ruthless and resilient transnational organised crime groups and they’re the ones that are driving 90 per cent of the scams that are hitting Australian victims.
“And then at the top end of the scale, we’re dealing with nation-state actors, malicious nation-state actors.
“So, it’s asymmetrical warfare.
“It changes every day,” Mr Sheehan said.
Massive theft
Australians are being fleeced to the tune of $3 billion a year by cyber criminals via scams, according to cyber security expert Troy Hunt.
And while he’s hesitant to label the attacks “warfare”, he said the extent of the cyber attacks on Australia’s financial institutions was not well understood by the public.
“I imagine most people are not aware of how prevalent the online attacks are, probably in part because they don’t have a sense of the fact these attacks do originate from all over the world, all sorts of different demographics are mounting them.”
“There are attacks online, attacks against individuals, attacks against corporations.
“It really is prevalent,” Mr Hunt said.
He argues the exponential increase in cyber crime relates to the perceived lower risk compared to, say, physically robbing a bank.
The risk involved with engaging in cyber crimes is different for those in countries where it is unlikely the perpetrator can be extradited.
“The risk is totally different.
“And the reward’s totally different as well.
“It’s not about grabbing cash out of a till, it’s about potentially grabbing hundreds of thousands of dollars or millions of dollars in one go,” Troy Hunt said.
Daily defence
The result is that banks, including the NAB, work hard on their cyber defences.
“We have a call centre and an operations team focused on the frauds and scams issue that is close to 350 to 400 people — they’re on the phone and available to our customers 24/7, 365 [days a year],” Mr Sheehan said.
Like other institutions, the NAB has also told customers it no longer sends text messages to customers with links, so if there is a link in a text message, the customer knows it’s a scam.
Mr Sheehan concedes, though, that once a bank customer hits “send” on a scam payment, it’s usually too late for the money to be recovered.
“If it looks or sounds too good to be true, or if someone’s applying pressure to you that you’re going to miss out on something, or you’re going to suffer a penalty, if you don’t make that payment, they are massive red flags.
“If the story you’re being given, either by a text message, email, whatever, contains either of those elements, don’t hit send on a payment, run a mile.
“Seek advice from your bank, talk to friends or relatives, but don’t hit send.”
The Australian Banking Association, which represents the banking industry, agrees with the NAB that the nation’s financial institutions are effectively at war.
“We are amidst a scams war in this country,” an Australian Banking Association spokesperson told the ABC.
“Banks are working around the clock to protect Australians from scams and the industry will continue to invest record amounts in the latest scam-fighting technology to protect customers.
“Extra safeguards from banks are helping to ensure less Australians are losing money to the international criminal gangs who run many scams.”
The ABA said Australian banks were known to have some of the strongest anti-scam protections in the world.
Posted , updated