U.S. financial regulators asked banks step up security measures, as governments and corporations look to overhaul their systems in the wake of recent hacking attacks.
The Federal Financial Institutions Council recommended banks perform regular risk assessments and keep customers informed of online banking security issues. The Council especially urged banks to demand more than one form of customer authentication, as hacking risks increase when people log into online accounts.
“Fraudsters have continued to develop and deploy more sophisticated, effective and malicious methods to compromise authentication mechanisms and gain unauthorized access to customers’ online accounts,” the council warned.
Banks and governments alike may benefit from a ramp up in security efforts, especially as hackers become bolder and more ambitious in their methods and targets.
The recommendations come on the heels of a string of recent government and corporate hacks. In May, hackers stole $2.7 million from Citigroup by attacking over 360,000 exposed accounts. In April, hackers also hit U.S. Bank and Capital One after targeting corporate e-mail and marketing firm Epsilon.
Meanwhile, the International Monetary Fund is still trying to figure out who broke in and stole internal files earlier this month.
Besides major banks, hackers crippled entertainment giant Sony and irked various worldwide governments over the last several months, lending weight to the council’s warning against flimsy security.
Governments are fighting back. Turkey and Spain arrested 35 total members of the hacktivist group Anonymous, who are believed responsible for some of the damage, while the Obama administration beefed up defenses by proposing a new cyber-security initiative that doubles prison times for hacking.
In addition, the Pentagon said it will treat cyber-threats to national security like traditional militaristic offensives. As one military official said, “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”
Beyond military action, the U.S. Department of Commerce is contemplating rewarding companies that increase security measures. For example, the DoC may spare them legal liabilities if they’re hacked while running the latest technology. Such incentives may prove useful in bringing companies and government agencies up to speed against would-be hackers.
“The Internet is again at a crossroads. Protecting security of consumers, businesses and the Internet infrastructure has never been more difficult,” said Commerce Secretary Gary Locke. “Cyber-attacks on Internet commerce, vital business sectors and government agencies have grown exponentially.”