The future of finance in LatAm & the Caribbean

Covid-19: Cyberthreats add to bank challenges in pandemic

Apr 27, 2020

By Fabiola Seminario
Coronavirus y ciberseguridad bancaria: Auge de ciberataques ponen a prueba la seguridad
Cyber risks for financial services have risen since the Covid-19 outbreak. Banks' digital teams are turning to a range of solutions


The COVID-19 pandemic has added a fresh challenge for digital banking, demanding more robust cybersecurity technologies and an urgent need to improve security in the digital culture, both for employees and end users.

Cybersecurity is not a new risk for Latin American banks. Prior to COVID-19, cyberattacks in Latin America were recurrent and substantial. The most deeply rooted concern has been ransomware, with a 57% presence in the territory, according to the ESET Security Report 2018.

“Because of their line of business, [banks] are more attractive to cybercrime. […] They extract not only financial resources, but also very valuable information for the black market,” says Juan Diego Fallas, technological auditor specialized in banking.

In recent weeks, the surge in internet usage as a result of stay-at-home measures in many countries has weakened cyber security defenses. In Latin America, cyberattacks have become increasingly prolific.

For Fallas, the issue of bank cybersecurity has become relevant in recent years, as a result of the increase in cyber attacks in the region.

“There are banks that have addressed their pending security issues, but [the forecast] has been growing since major cyberattacks in Chile and Mexico. They have had a wake up call in the last 2 or 3 years.”

However, for Felipe Gómez, LatAm manager at Fluid Attacks, the demand for cybersecurity tools has risen as a result of digital transformation in banking.

“With the great growth of digital transformation, and the use of non-traditional channels, banks themselves have assumed a major challenge of securing all the technologies they release.”

See also: Banks bulk up cybersecurity as sophisticated threats reach LatAm 


COVID-19, the new bank bait

Every day, Gmail blocks over 100 million phishing emails, of which 18 million are from COVID-19-related malware, such as Casbaneiro.

This banking trojan, common in Latin America, presents as an email offering information about the coronavirus and how to prevent it. It is a form of social engineering.

Imagen tomada del blog personal de Josep Albors, Jefe de Conciencia e Investigación de ESET España

Image from the personal blog of Josep Albors, head of awareness and investigation at ESET Spain

The trojan collects information from the victim’s mobile device including their name, their banking applications and their security features.

It is not the only such malware out there.  The growing adoption of mobile banking, with a marked upturn in remote solutions being marketed, could also pose its own difficulties. Smartphone users received six mobile malware attack attempts per minute between July 2018 and last July, according to a Kaspersky report. 

But what is the biggest bank cybersecurity threat in the current pandemic?

“The biggest threat we see is neglecting security because of the desire to go into live,” says Gómez, while adding as a “greater risk” that of sacrificing security for speed when releasing new apps.

Applications like mobile banking are among the most-frequently updated software, as banks seek to adapt to the new needs of users.

In this sense, Gómez recommends evaluating 100% of all the changes that are made, so that each time a new version of the application is released, it is secure.

Of course, emails and app not the only threat. Social networks are another vulnerability.

In this example, a fraudulent account imitating Peru’s Banco de Crédito purports to help Twitter users fast-track their government stimulus cash.

Teleworking, another bank cybersecurity risk?

As part of the regional response to COVID-19, many bank employees have moved to working remotely from home, an activity that has raised its own digital security issues.

For David López, vice president of sales for Latin America at AppGate, teleworking is “the biggest experiment” for banking.

Banks have always had updated, audited business continuity plans as a result of regulations and their own initiatives. So in many ways they have been ready for teleworking. “The time has come to test those continuity plans,” says López.

“I would argue that it is a very big challenge for banks because many of them have telework environments planned to continue functioning, but this does not necessarily include a cybersecurity strategy.”


Cybersecurity and the human factor

Unsecured network connections – a risk when employees log-on remotely – are also a vulnerability.

Given this, what tools should be implemented?

Staff need secure communication channels with strong authentication measures, says Fallas. But above that is the issue of awareness, he says.

Awareness on the part of staff is also a substantial issue for Gómez, who says “that staff must always be made conscious of security. It is important for them to be cautious, to act prudently and not to expose themselves naively.”

“40% of cyber vulnerabilities are directly related to the behavior of employees or users according to Gartner,” says Gómez. That figure that could change during the pandemic.

“There are employees who may have anxiety from covid-19 and lose caution when browsing,” says Fallas. For the auditor, the human factor is today more than ever, “a pressing issue” in terms of digital banking security.


Banks respond with education, security tools

Banks are facing the new challenges with a range of measures, from technology tools to customer education.

HSBC, for example, has focused on “improving both the customer experience and the security of their digital channels” to strengthen cybersecurity in digital channels, says Rodrigo Castillo, director of information technology for Wealth & Personal Banking at HSBC Mexico and Latin America.

The bank has implemented technologies that filter out transactions made by robots; validate the identity of customers through biometrics (fingerprint and voice); and monitor, detect and analyze cybersecurity risks in the market 24/7; among others.

“In the event of a cyber attack, we have defined processes and protocols for communication with our clients in a personalized way,” says Castillo, adding that they also provide all their clients with “information on best practices in cybersecurity, identity protection and prevention of social engineering attacks and phishing, among others.”

HSBC Mexico has set up some information boxes on the security measures taken during the crisis, new forms of fraud resulting from the COVID-19, and other relevant information.

Regarding teleworking, Castillo lists a series of procedures to facilitate secure remote work. These measures include using tools that help mitigate security risks and enforcement as well as monitoring and improving remote access controls. In addition, the bank has upgraded its telecommunications infrastructure to support the increase in users working from home, and more.


Cybersecurity Demand: Today and Tomorrow

The coronavirus pandemic has generated significant demand for bank cybersecurity technologies.

That growth comes from the deployment of new online services, as well as at-home communications for staff, says Fluid Attacks.

AppGate says sales of licenses for its authentication technologies have risen 30% in the last month, due to stay-at-home measures and the prioritization of digital channels. Additionally, authentication requests from Latin American banks have increased by 45%.

“Cybersecurity came many years ago, it will continue because the banks are transforming digitally,” says López. “We are going to have to deal with it in a much more skillful way and, above all, to convey the appropriate urgency for our organizations to adopt suitable cybersecurity technologies and strategies.”

Stay ahead of LatAm’s digital banking, fintech and payments industry

Join the global financial technology leaders who read iupana’s Monday and Friday briefings