About 78% of the former and current employees in the banking sector of Bangladesh are involved with the financial fraudulence, according to a new study.
Around 3% investment of the banks goes to IT security, 64% to hardware, 13% network and rest 20% to software, the study by Bangladesh Institute of Bank Management (BIMB) reveals.
The findings were disclosed by an IT expert and BIBM Associate Professor Md Mahbubur Rahman at a discussion on Cyber Security, arranged by FinExcel, an advisory firm to the financial markets, in the city yesterday.
The information revealed at a time when the biggest ever money laundering incident surprised the people, raising concerns also among the senior bankers of the country.
“Big investment is needed in IT security, but as per the findings this is overlooked,” Rahman told the Dhaka Tribune on the sidelines.
The BIMB findings came after carrying out the study on 50 such cases occurred during the period of 2013 and 2014 in the country’s banking industry.
Around 90% banks are dependent on IT vendors for maintaining very sensitive tasks in the automation, which is riskier for the banks, he said.
Other factors like big gap between bank board and IT, poor IT audit, lack of knowledge, right people in wrong place and unhealthy competition are mainly the causes behind the data leakage, according to the BIBM findings.
The BIBM professor said as threats in IT security continue to mount, “we need to keep IT sector updated for preventing cyber attacks.”
On the $100 million cyber heist from Bangladesh Bank, which took place over one month ago, veteran banker and a director of FinExcel Syed Abu Naser Bukhtear Ahmed has expressed his surprise about the digitally stolen money from the BB.
“It is beyond my imagination,” he said, adding that it must demand enquiry to stop such incident in the future.
He recommended forming a national committee drawing representatives from the country’s IT related people.
PricewaterhouseCoopers (PwC) executive director (advisory) Arijit Chakraborti said when cybercrime rises in any institution, it means that the institution has poor quality of IT security system.
“In most cases, insiders like employees, former employees and vendors are behind the cybercrime.”
“With the growing use of mobile phones and internet, Bangladesh is more vulnerable to cyber attacks, but important thing is that how we can deal with the issue.”
Meghna Bank Managing Director Mohammed Nurul Amin said such incident is really alarming and this is a threat to the digital transformation.
“The banks must be careful about issues like software, recruitment process and IT vendors to check cyber attacks.”
Chairman of Financial Excellence Mamun Rashid said since cybercrime occurs in the country during holiday, Friday should be aligned with the overseas countries to deal with the situation.
Such incident might create negative image for the country, he said, recommending increased investment in IT for fending off the cybercrime.
Rashid, who is also partner-in-charge of PwC, presented a study of PwC on Global State of Information Security Survey 2016.
According to it, in 2015, 38% more security incidents were detected than in 2014 and theft of hard intellectual property increased 56% in 2015.
Employees remain the most cited source of compromise as current employees involvement in cybercrime is 34% in 2015, slightly down from 34% in 2014 and former employees’ involvement 29% from 30% during the period.
Average total financial losses due to security incidents decreased 5% to $2.5m in 2015 from 2014.