Banks focus on security after recent hacks

This business runs on trust. If institutions lose it, they lose customers.

By Trefis Oct 8, 2012 1:56PM
Bank sign copyright John Foxx, Stockbyte, Getty ImagesImagine a situation in which you have to make a payment but you can't find your wallet. Thousands of people found themselves in a similar state late last week when they lost access to their banks' websites while trying to pay bills. 

All of those customers were the unfortunate victims of a planned and widespread cyber attack targeted at websites of six of the country's biggest banks, including Wells Fargo (WFC), JPMorgan Chase (JPM) and Bank of America (BAC). The attack took the websites down sequentially, making them inaccessible to customers for hours at a stretch. 


The attackers flooded the websites with millions of requests to load pages, forcing the banks' infrastructures to process more information than they were designed to handle. As a result, the systems turned nonresponsive and customers could not access the websites and hence their own accounts.


And the timing of the attacks -- right at the end of the month -- made things worse for many customers as utility and services bills came due. While the source of this disruption continues to be investigated, one conclusion is obvious: The banks have to shore up their security.

 

Thankfully, the banks' systems were robust enough to thwart any attempts to access confidential customer data, including account details or access information. The temporary loss of connectivity seems to have been the only result.

 

Could this happen again? Unfortunately, yes, which is what has set the banks into action. Although the recent attack did not do much damage, it did expose some serious vulnerabilities in the banks' systems -- which might be exploited with more serious consequences if they are not addressed as the highest priority.


Banks spend millions of dollars each year in the upkeep of their IT infrastructure and boast of some of the most sophisticated computer defenses available. For example, Wells Fargo's IT expenses are likely around $1 to $2 billion a year, considering that equipment and staff costs about 2% to 4% of its total annual expenses. But the fact that the attack was successful in taking down the systems only means that more needs to be done.


Wells Fargo Noninterest Expense as a percent of Dividend Revenues

What if a future attack compromises customers' confidential information? Banks fear that possibility more than their customers do, as banks are responsible for ensuring confidentiality besides safeguarding money. So if a bank's security is circumvented, the bank becomes liable to compensate customers for the breach. After all, the banking business runs on trust, and if a bank loses trust, it loses customers. 

Tags: BACJPMWFC
1Comment
Oct 9, 2012 1:32PM
avatar
Great article -- I've spent the last few months analyzing security at all US banks and you can look up any bank at banklook.com.

People need to understand that they have options - every bank handles things differently - and some work harder than others on this problem.  When consumers start rewarding higher performing banks, you're going to see the wind sucked out of the sails of the attackers.

-Eric
banklook.com
Report
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
Categories
100 character limit
Are you sure you want to delete this comment?

DATA PROVIDERS

Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.

STOCK SCOUTER

StockScouter rates stocks from 1 to 10, with 10 being the best, using a system of advanced mathematics to determine a stock's expected risk and return. Ratings are displayed on a bell curve, meaning there will be fewer ratings of 1 and 10 and far more of 4 through 7.

123
123 rated 1
262
262 rated 2
480
480 rated 3
651
651 rated 4
649
649 rated 5
629
629 rated 6
616
616 rated 7
496
496 rated 8
346
346 rated 9
111
111 rated 10
12345678910

Top Picks

SYMBOLNAMERATING
EXCEXELON CORPORATION9
TAT&T Inc9
VZVERIZON COMMUNICATIONS8
CTLCENTURYLINK Inc8
AAPLAPPLE Inc10
More

VIDEO ON MSN MONEY

ABOUT

Top Stocks provides analysis about the most noteworthy stocks in the market each day, combining some of the best content from around the MSN Money site and the rest of the Web.

Contributors include professional investors and journalists affiliated with MSN Money.

Follow us on Twitter @topstocksmsn.