What Singapore banks need to know about protecting privileged accounts

Most people have been following the story on the Bangladesh Central Bank Heist. If you haven’t, here is the scoop and timeline. On May 15, 2015, three bank accounts were opened at the Rizal Commercial Banking Corporation (RCBC) in the Philippines. Each of these accounts would lay dormant until February 4, 2016.

It was only later that the authorities discovered these accounts to be fake. It turns out that cyber criminals who attempted to steal nearly US$1 billion from the Bangladesh Central Bank had been planning the heist for almost a year. Thanks in large part to a spelling error, the attackers made off with “only” US$81 million of the total attempted amount.

This is just one of numerous other similar bank heists that are only now coming to light. The advent of these incidents has led to an increased focus on financial service institutions (FSIs) in Asia as many of them are potentially vulnerable to cyber attacks due to the rapidly changing IT landscape.

The emergence of cloud technology is a key trend that is set to change how banks operate. As cloud computing helps to improve staff productivity and efficiency in back-end processes, IT analyst firm IDC expects at least 80% of FSIs in the Asia Pacific region (excluding Japan) to run on a hybrid cloud architecture by 2018¹. The cloud also enables banks to enhance their agility and increase the scale of their customers.

In fact, DBS Bank recently became the first bank in Singapore to adopt cloud-based productivity technology – enabling staff to change the way they work and make a leap forward in terms of mobility, efficiency, and productivity. With the bank’s adoption of cloud, it aims to empower its staff with a set of productivity tools that enable them to be more nimble and responsive to customers’ needs by providing a seamless experience².

While the case for cloud adoption is compelling, such a leap forward – like any technological change – exposes banks to a higher level of susceptibility for cyber criminals to penetrate their systems, paving the way for a potential loss of funds and information. As banks increasingly shift technological applications and infrastructure to the cloud, privileged accounts in public, private, and hybrid cloud environments grow exponentially. No matter where they “live” – on-premises or in the cloud – privileged accounts need to be protected accounts.

Users who have wider access to corporate information and data are known as “super users” or “privileged accounts”. These individuals – including non-IT personnel – as well as accounts associated with certain applications possess the credentials to acquire critical data and resources within IT networks and are thus a target group for cyber criminals.

Therefore, it is imperative to secure such accounts as they are often used to facilitate sensitive financial transactions. The onus is on IT teams to protect privileged accounts from the dangers of cyber threats lurking around.

In cloud environments, new, powerful credentials are created to provision, configure, and manage thousands of machines from a single console. By constantly creating new privileged accounts without adequate management controls in place, the organisation is exposed to a number of unique security challenges. Detection and monitoring of all activity is critical to safeguard organisations moving to the cloud, while adhering to compliance demands.

Privileged accounts in the cloud are secured, monitored, and managed with automation tools such as Chef and Puppet that are built into the cloud environment. These enable automatic provisioning and seamless integration during cloud migration and on-going management of these privileged accounts. Having a holistic solution in place limits the risks of unauthorised access to privileged accounts, allowing organisations to enjoy the benefits of cloud computing.

Users would gain a plethora of benefits from ensuring privileged account security across virtualised and cloud environments. A single platform for privileged account security and compliance for all servers, network devices, and applications facilitates efficient operations and streamlined management.

Additionally, implementing single sign-on access to cloud-based servers and applications for IT admins provides ease of use for admins and an additional layer of security for the organisation, without requiring new passwords, identity, and access solutions.

Monitoring super-user accounts is essential for banks to proactively detect security threats. By collecting and analysing super-user account activity, IT teams will be able to identify and alert on anomalous behaviour indicating malicious activity.

As Singapore banks keep pace with rapid technological advancements, cyber criminals will also develop more sophisticated attacks. As such, keeping security at the foreground of any implementation process is critical to ensure that banks are protected.  

¹IDC FutureScape: Worldwide Financial Services 2016 Predictions – APEJ Implications
²Strategic initiative in line with efforts to create ‘fintech-like’ workforce well-placed to shape the future of banking, DBS Bank
https://www.dbs.com/newsroom/DBS_first_Singapore_bank_to_adopt_cloud_based_productivity_technology_in_the_workplace