Are Offshore Banks Safe from Hackers?
Expert says offshore banks lag behind in keeping security infrastructure up-to-date.
Offshore
banks might be tax havens, but they’re no havens in terms of network security,
according to Andrew Hay, a security professional who worked in the offshore
banking industry for some time.
In a talk
given today at the SOURCE Boston
conference, Hay said that many offshore banks, some of which are located in
island nations, aren’t in a position to provide security that’s proportional to
the amount of money they hold.
These
banks are very popular places to store money. Hay cited estimates that 26
percent of the world’s wealth is stored with nations that are home to only 1.2
percent of the world’s population. This includes 31 percent of the net profits
of U.S. multinational companies, he said.
This story is only available to subscribers.
Don’t settle for half the story.
Get paywall-free access to technology news for the here and now.
Subscribe now
Already a subscriber?
Sign in
You’ve read all your free stories.
MIT Technology Review provides an
intelligent and independent filter for the
flood of information about technology.
Subscribe now
Already a subscriber?
Sign in
Hay cited
several factors that contribute to lax security at such banks. For one thing,
he said, government regulations in many island nations make it difficult to
hire non-locals, while at the same time, there’s a shortage of expertise among
locals.
Getting up-to-date tools,
such as firewalls, can also be difficult. Equipment can take a long time to
arrive at an island nation, and when it does get there, it can spend weeks or
months sitting in customs. As a result, companies often have to buy spares for
any new item they purchase, which makes upgrading very expensive.
It’s not uncommon, Hay
said, for companies to operate critical infrastructure with expired system
support contracts. Sometimes, equipment that’s been retired by its manufacturer
is still in use.
Hay said that these banks
are also being targeted by a wide variety of common attacks, including phishing
and website defacement. In some cases, they’re also vulnerable to older attacks
that wouldn’t work on up-to-date infrastructure.
There
hasn’t yet been a high-profile data breach to get the attention of offshore
banks, but Hay warns that it’s only a matter of time.