Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Are the banks next

Will the fallout from the News of the World scandal hit the banks next?

It seems that not a day goes by without more revelations of hacking and data theft relating to the News of the World and its sister publications. The latest is that the Sun obtained information that Gordon Brown’s son has Cystic Fibrosis. With the newspaper having this information and the only parties formally aware of it being the family themselves and their doctors’ it would appear that there was either another phone hack or there are leaks from the medical profession. There are also reports that the Abbey National provided financial information about Brown’s accounts to a journalist “blagging” his way through security  - more than six times. Well done that they picked it up – eventually – but surely this was closing the door after the horse had bolted.

With the police being investigated for leaking information on the Royal family and others – for substantial payments from the media – it cannot be long before there is some evidence of payments to staff elsewhere (such as banks or doctors) who have access to confidential information.

The threat of the rogue insider, as described by the information commissioner, is very real and it is relatively easy for staff with authorised access to look at the system for details on a customer. With the added incentive of a payment from a journalist, or even organised crime with other uses for the data, it is all to easy for a cash-strapped employee to be persuaded to provide the information.

Some organisations have great staff monitoring systems, but in my experience there are many which cannot tell if an account has been accessed by a member of staff snooping as their logs only show account transactions and not “views”.  You may wonder how the paparazzi always know which hotel their target celebrity is staying at – it’s easy – phone your contact in the credit card company and see where there has been a transaction or authorisation.

So as the investigations into journalism and ethics at the News of the World continue I’m willing to bet we hear more about paid leaks of other information - and the banks should watch out as they are likely to be the next target. With the public desire for gossip on celebrities and the Royals showing no sign of diminishing if organisations don’t put suitable controls in place to protect data from snoopers both inside and outside their organisation they only have themselves to blame when the regulators and politicians hold them to account.

 



4528

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (1)

A Finextra member
A Finextra member 18 July, 2011, 03:36Be the first to give this comment the thumbs up 0 likes

I'd imagine that horse has long bolted. I just had a particularly fun idea for a risk scenario.

A group of hackers recognise a need for change. They plan well ahead. Years. Complex plans. Information gathered. When they want to influence they just arrange for the info to be 're-discovered' by young amateur hackers, who are encouraged to reveal it to the world. Revolutions happened, many jumped on the bandwagon, even governments. Some tried cover-ups, they just made things worse for themselves. The trap had already been set. It was the cover-up trap that was the real solution. First rule of interrogation, don't ask a question for which you don't already know the answer. Some governments tried the authoritarian approach, failing when their economies crashed and the source of their power evapourated. Low level hacking apparently involves the use of axes & requires little instruction. It went on for a long time until people changed their outlook and the need faded a little.

Banks were of course completely unharmed.

Report abuse
Join the discussion
Angus Stewart

Angus Stewart

CEO

www.e-solutions.uk.com

Member since

31 Aug 2010

Location

Needwood

Blog posts

12

More from Angus

Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more