Pakistan's banking system witnesses another cyberattack
KARACHI: The country’s banking system was once again the target of a cyber-attack.
Banks’ ATM cardholders and online users, particularly those maintaining accounts at Bank Islami, need to become extra cautious while doing financial transactions. According to industry sources, ABL and JS Bank have also restricted ATM overseas transaction.
In its immediate response to the security breach, the State Bank of Pakistan (SBP) temporarily “restricted usage of its cards for “overseas transactions (only),” the central bank said in a statement late on Sunday night.The account and card holders may, however, conduct such transactions within Pakistan, a central bank official cautiously told The Express Tribune.
“As a result of security breach of payment cards of one of the banks in Pakistan yesterday and their unauthorized use on different delivery channels ie at ATMs and POS (point of sale) in different countries, the bank has temporarily restricted usage of its cards for overseas transactions,” stated the central bank.
SBP has instructed the bank to take all necessary measures to trace the vulnerability and fix it immediately. “The affected bank has also been instructed to issue advisory on precautionary measures to be taken by customers,” the press release added.
Furthermore, the central bank has also issued directives to all banks to foster arrangements to ensure security of all payment cards in the country and monitor on real-time basis usage activity of their cards, especially overseas transactions. “SBP will continue to assess these developments in coordination with banks and take further measures if required.”
The following directives have been issued to all banks in Pakistan to ensure that; security measures on all IT systems including those related to card operations are continuously updated to meet any challenges in future, resources are deployed to ensure the 24/7 real time monitoring of card operations related systems and transactions, and immediately coordinate with all the payment schemes, switch operators and media service providers the banks are integrated with to identify any malicious activity of suspicious transactions.
“In case of any unusual incidents, banks are advised to immediately report to SBP,” the statement read.
In a notification to the Pakistan Stock Exchange (PSX), BankIslami stated that it detected certain abnormal transactions valuing Rs2.6 million on one of its international payment card schemes on the morning of October 27, 2018.
“All monies withdrawn from the accounts i.e Rs2.6 million have been credited in the respective accounts of valued customers,” said BankIslami’s Unit Head Corporate Affairs Muhammad Shoaib.
“Transactions of approximately $6 million as claimed by international payment scheme are not acknowledged by the bank as the bank was actually logged off from the international payment scheme at that time.”
The notice stated that all cash withdrawal transactions using the bank’s biometric service were restored on the same day i.e. Saturday.
Shoaib, however, added that international payment schemes will be restored after mitigating all the risks.
The latest attack is the third major cyber security breach in the country and second within the banking sector in less than 10 months.
Earlier, Habib Bank Limited and Careem, the ride-hailing app, have faced such security risks. Following which an online expert advised the account and ATM card holders to change their password as soon as possible to prevent online financial frauds.
Industry officials, who are either directly involved in disaster management and damage control measures following the cyber security attack or just monitoring the happening, avoided giving any initial estimate of financial loss to the ATM cardholders and/or the bank faced the attack.
In any case, the bank deposits remain insured. Therefore, the bank and its account holders both would remain unhurt but may have to show-off the record of the fraud to recover the lost money.
Comments
Post a Comment