Sibos 2018: ‘Black swan’ cyber event is inevitable

With security experts and bankers expecting a 9/11-style cyber event, deeper collaboration between companies and governments is necessary to identify emerging threats before they occur

Cyber security experts and most of the world’s leading bankers believe a 9/11-style cyber event is now inevitable.

As 7,000 bankers and bank technologists gathered in Sydney for the Sibos 2018 global conference this week, cyber security, artificial intelligence, robotics and quantum computing were the key technology issues on the agenda.

An online poll of more than 1,000 people attending one of the cyber security sessions revealed that 83% now expect that some sort of 9/11 or Black Swan-type cyber event will happen.

The three panellists at the session – Jacqueline McNamara, Telstra’s head of cyber security; Dmitry Samartsev, CEO of Bi.zone, the security arm of Russian bank Sberbank; and independent security architect Troy Hunt – agreed with that view.

Samartsev said current geopolitical turbulence made such an event more likely than not, and painted a chilling picture of what such a cyber catastrophe might look like.

The worst scenario, he said, could be cyber criminals launching a distributed denial-of-service (DDoS) attack on bank networks, coupled with a huge information attack on social networks to spread fear among people that the banks are going down.

This could lead to a domino effect if citizens rush to withdraw their money, leading to a run on the banks.

“So you have trouble with liquidity, trouble for the central banks and the government,” said Samartsev, noting that it was critical for companies and governments to collaborate in order to identify emerging problems and shut down organised cyber criminal operations quickly.

Agreeing, McNamara said cyber security cooperation should be part of proactive planning for cyber events, and not be viewed as a distraction from normal operations. However, she thought the scenario suggested by Samartsev, although credible, would have a different author.

McNamara said a massive 9/11-style cyber attack would most likely be orchestrated by nation states rather than cyber criminals, because such an event would lead to a loss of liquidity – which means criminals would lose access to cash.

However, McNamara and Samartsev agreed on the need to continually educate staff about the risks of phishing.

When Bi.zone started running its own phishing tests to gauge the risk of employees downloading malware by clicking on a suspect email, 60% of Sberbank’s 300,000 employees fell for the scam. That figure has now dropped to 1%.

McNamara said Telstra had run a three-year phishing education campaign, but it was still possible to trick employees into clicking a link.

One campaign in October 2018 appeared to send staff a colleague’s payslip, she said, “and 60% of people opened it”. This proved the need for ongoing education programmes, she added.

While internal cyber security education is a must, the Reserve Bank of Australia also raised the prospect at Sibos of local banks being subjected to annual penetration testing to assess their cyber security preparedness.