Yes, cyber security is probably one of the biggest security threats the world faces right now, maybe bigger than anything else. The threat of cyber crime is ever-growing and keeping phones and laptops secure becomes nowadays one of the most important issues both for the government and for all professional firms such as banks, lawyers or traders.

Cyber security specialists recently have found evidence suggesting that attacks on banks in Poland in February were part of an international hacking effort targeting financial institutions in the U.S., Mexico and the United Kingdom and that these attacks are identical to the 2014 attack on Sony Corp. According to the researchers, the hacks began in October 2016, installing unauthorized code on websites belonging to financial regulators, then using those to attack computers indicated on a list of selected global financial institutions in each country. Most interestingly, these massive attacks have not been focused on seizing the money but on getting access to the data bases of firms and physical persons kept by the banks. None of the banks wants to disclose fully what is the damage which they suffered.

The attacks on the Polish banks started in October 2016 by compromising the website of the Polish Financial Supervision Authority (KNF). The hackers programmed that website to attack banking computers that visited the site, the researchers say.

Security investigators call this technique a “watering hole”. It lets criminals use one common access point to break into a wide range of other organizations. In this case, by infecting a website commonly visited by banking employees, the hackers could hope to spread malicious software onto computers within the financial institutions on their list.

A Polish Financial Supervision Authority spokesman confirmed that the regulator had ‘identified an external attempt to interfere in the operating IT system,’ and had turned over evidence of the incident to law enforcement after restoring the website.

The hackers programmed the hacked web servers to attack computers only if they originated from a short-list of approximately 75 institutions - an apparent effort to keep a lower profile and help evade detection, the researchers say. This list included 19 banks in Poland, 15 in the U.S., nine in Mexico, and seven in the U.K. The attacks also compromised a website belonging to Mexico’s financial regulator, the National Banking and Securities Commission, and a state-run bank in Uruguay.

Whether we like it or not, the state security as well as the economic and legal order in a society are based on the reliability of IT systems. We all know that phones and laptops must be secure, otherwise nothing works properly.  If the IT systems are destroyed, then the entire state will collapse.

Situation is getting really serious. Both for the state institutions and professional firms such as banks, doctors, lawyers or traders cybersecurity must be number one issue because nothing makes sense if the hackers can destroy the IT systems. Both the government and professional firms should install the best equipment to defend themselves and hire the personnel with the highest skills.

Many law firms are still a little bit blasé about the threat of cyber crime and think it does not apply to them. As the Romans used to say, ‘Si vis pacem, para bellum’. We should all be ready.

About the Author

Back to list

Read also