by Hamish Barwick

Economic downturn spawning more security threats: ANZ Bank

Jul 26, 20122 mins
PrivacySecuritySocial Engineering

Cyber crime is set to get worse for Australian financial institutions as global economic prospects continue to look gloomy and more people are tempted into targeting bank accounts, according to one security expert.

ANZ Bank head of group security, Damian McMeekin, told delegates at Security 2012 in Sydney that partly due to global economic conditions, groups from Romania were flying to Australia and engaging in automatic teller machine (ATM) skimming in Sydney and Melbourne.

“It’s an international gang operating on a small level but they’re hitting many ATM machines,” he said.

Two Romanian men were charged with ATM skimming in Sydney in December 2011. The Sydney Morning Herald reported that the pair were caught with $3500 in cash, fake credit and debit cards and card skimming devices.

“Crime is not limited in any way shape or form. It is trans-national and enabled by the cyber world,” McMeekin said.

He added that while super regionalisation into markets such as Asia and off-shoring of some functions was ANZ Bank’s declared strategy, this was expanding its exposure and potential as a proxy target for cyber criminals.

“People rob banks because they have money so we have invested millions of dollars in security,” he said. “This security has displaced a lot of the [cyber crime] issues but they haven’t gone away.”

He also drew attention to another threat faced by companies in the financial and manufacturing industry in Australia which recently experienced what he described as a “basic form” of social engineering.

Social engineering is the technique of using deception and manipulation to gain sufficient knowledge to dupe an unwary individual, employee or company.

“This involves phone calls to chief executives from fraudsters who claim to be a fellow CEO seeking personal details,” McMeekin said.

“A lot of Australian companies found out they were being hit by the same social engineers at the same time. Apparently, this was to create false identities to commit crimes further down the track.”

To keep ahead of the cyber criminals, McMeekin called for more information sharing by the Australian information security industry.

“This community needs to share values, standards, conversations and activities,” he said.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow CIO Australia on Twitter: @CIO_Australia