A rise in cyber threats will be expected as mutual banks continue their technological advancements, a report by S&P Global Ratings said.
Reportedly, mutual banks have been increasingly using third-party cloud-based technologies that utilize application programming interfaces (APIs), as well as other technologies, in order to meet the growing preference of customers for online banking and other operations within their financial capacity.
However, this comes with the need to possess cyber skills and expertise in order to manage and understand the risks that come with the landscape as credit risk could come about if such challenges are not resolved.
Checkpoint, a cyber specialist, had recently released a research report that showed that global cyber attacks had increased by 7% each week during the Q1 of 2023. Australia saw a 13% increase in reports pertaining to cyber-crime and the cost for every report rose by 14%.
Some notable high-profile cyber events involved the compromised personal identification details of around 10 million subscribers in Australia (Singtel Optus Pty Ltd.), the stolen 14 million records of consumers’ personal information (Latitude Group Holdings Limited), and exposed personal identification information of 9.7 million Australians and health claims data of 480,000 customers (Medibank Private Limited).
S&P Global reported that most of the cyber attacks that were directed at mutual banks only involved data break attacks or brute force attacks that led to cybercriminals accessing the accounts of unsuspecting clients. However, there are only very few financial losses in the case of banks as well as media coverage since such attacks were only low profile.
Despite this fact, it is still expected that attacks on smaller mutual banks in Australia will be much more frequent as the utilization of third-party cloud-based services make data security much more difficult. The growing number of customers makes the technological infrastructure more difficult to protect and requires a bank to have its own set of protocols should there be breaches.
As third-party providers also have the potential to connect various financial institutions, it may pose a large threat should one of them be attacked, leaving banks with a common vulnerability that makes it easy for cyber criminals to target them.
There is also a shortage in cyber skills globally which can also affect the safety of mutual banks as they will have to compete with larger banks, information technology companies, and other corporate entities for cyber professionals who can aid them in strengthening their cybersecurity.
S&P Global’s report said that the Australian Prudential Regulation Authority's tripartite review is an important measure to determine how mutual banks are managing cyber risk. As the initial results showcased the weaknesses that their current systems have, feedback from it may allow them to be one step closer to fully strengthening their defences.
