Imagine a situation where you have to make a payment but you cannot find your wallet. Thousands of people found themselves in a similar state late last week when they lost access to their banks’ websites while trying to pay their bills that were due. All of these customers were the unfortunate victims of a planned and wide-spread cyber attack targeted at websites of six of the country’s biggest banks, including Wells Fargo (NYSE:WFC), JPMorgan Chase (NYSE:JPM) and Bank of America (NYSE:BAC).
The attack took the websites of these banks down sequentially, making them inaccessible to customers for hours at a stretch. And the timing of the attacks – right at the end of the month – made things worse for many customers as their utility and services bills were due. While the source of this disruption continues to be investigated, one conclusion is obvious – the banks have to shore up their cyber security.
- Wells Fargo’s Q1 Results Low Oil Prices, Weak Mortgage Activity
- How Have Card Charge-Off Rates For The Largest U.S. Card Issuers Changed Since 2011?
- What Are The Card Charge-Off Rates For The Largest U.S. Card Issuers?
- How Have Outstanding Card Balances For The Country’s Largest Card Lenders Changed Since 2011?
- How Much Of The U.S. Card Industry Is Accounted For By The Country’s Largest Card Issuers?
- Which Are The Largest Card Issuers In The U.S. In Terms Of Outstanding Card Balances?
Why Couldn’t I Access My Bank’s Website?
Late last week, a foreign group flooded the websites of several American banks with millions of requests to load pages forcing the banks’ infrastructure to process more information than they were designed to handle. As a result, the systems turned non-responsive, and customers could not access the websites, and hence their own accounts.
Thankfully, the banks’ systems were robust enough to thwart any attempts to access confidential customer data, including account details or access information. So, the temporary loss of connectivity seems to be the only result of the attack.
Can This Happen Again?
Unfortunately, yes. Which is what has set the banks into action. Although the recent attack did not do much damage, it did expose some serious vulnerabilities that exist in the banks’ systems – something that can be exploited for a worse consequence the next time if they are not addressed as the highest priority.
Banks spend millions of dollars each year in the upkeep of their IT infrastructure and boast of some of the most sophisticated computer defenses available today. For example, Wells Fargo’s IT expenses are likely around $1-$2 billion a year considering that equipment and staff costs about 2-4% of its total annual expenses. But, the fact that the attack was successful in taking down the systems only means that more needs to be done.
But, What If A Future Attack Compromises My Confidential Information?
Banks actually fear this possibility more than you do, as your bank is also responsible for ensuring your confidentiality besides safeguarding your money. So, if at any time in the future a bank’s security is circumvented, the bank becomes liable to compensate you for the breach. After all, the core banking business runs on trust, and if your bank loses your trust, it loses you as a customer.
On their part, banks will no doubt do their best to plug the holes discovered by this attack. Hopefully, this attack serves as a warning for the banks to address any slack in their systems.