In a shocking revelation, the head of the Federal Investigation Agency’s (FIA) cybercrime wing has said data from “almost all” Pakistani banks was stolen in a recent security breach.
“According to a recent report we have received, data from almost all Pakistani banks has been reportedly hacked,” FIA Cybercrimes Director retired Capt Mohammad Shoaib said on Tuesday.
When pressed to clarify, the official said data from “most of the banks” operating in the country had been compromised. Speaking to the media, Shoaib said hackers based outside Pakistan had breached the security systems of several local banks. “The hackers have stolen large amounts of money from people’s accounts,” he added.
“The recent attack on banks has made it quite clear that there is a need for improvement in the security system of our banks,” he observed. He said the FIA has written to all banks, and a meeting of the banks’ heads and security managements is being called. The meeting will look into ways the security infrastructure of banks can be bolstered.
“Banks are the custodians of the money people have stored in them,” Shoaib said. “They are also responsible if their security features are so weak that they result in pilferage.”
It wasn’t immediately clear when exactly the security breach took place. According to Shoaib, more than 100 cases are being investigated by the agency in connection with the breach.
“An element of banking fraud which is a cause of concern is that banks hide the theft [that involves them]… and the clients report [the theft] to the banks and not to us, resulting in a loss of people’s money,” he said.
“We are trying to play a proactive role in preventing bank pilferage,” he added.
Shoaib said the agency has arrested many gangs involved in cybercrimes and recovered stolen money from them. A gang was arrested last week whose members used to disguise themselves as army officials and withdraw money from banks after gathering people’s data, the official added. The disclosure comes days after around 10 banks blocked all international transactions on their cards, as concerns about a breach of credit and debit card data spread in the banking circles.
Sources said that the State Bank of Pakistan (SBP) has been informed by several commercial banks that they have blocked international payments on debit and credit cards as a precautionary measure after cyber attacks on their clients’ accounts. According to a digital security website krebsonsecurity.com, data of over 8,000 account holders of about 10 Pakistani banks was sold in a market of hackers.
A large Pakistani bank sent messages to its clients that online mobile banking services would be terminated for a temporary period from November 3 onwards on ‘technical grounds’. The first cyber attack was reported by BankIslami on October 27. The bank said that Rs2.6 million was stolen from international payment cards after which it has stopped such transactions and allowed biometrically verified payments only on ATM cards within Pakistan.
Next day, the SBP issued directives to all banks to ensure that security measures on all information technology systems — including those related to card operations — are continuously updated to meet future challenges, ensure real-time monitoring of card operations related systems and transactions and immediately coordinate with all the integrated payment schemes, switch operators and media service providers.
The State bank of Pakistan, however, has rejected the reports circulating in the mainstream media that the data of most banks had been hacked.
In a clarification statement on Tuesday, the SBP said, “There is no evidence to this effect nor has this information been provided to SBP by any bank or law enforcement agency.”
According to the central bank, with the exception of BankIslami, no breach has been reported. In a comment on the temporary suspension of the international transaction by the number of banks, the SBP said, “All these temporary restrictions would be lifted once appropriate IT security measures are in place. It is stressed, that all restrictions pertain only to cross-border transactions, and no bank has instituted any restriction on domestic transactions.”
The central bank has already instructed all banks to take steps to identify and counter any cyber threat to their systems in coordination with international payment schemes. Representatives of payment schemes have also assured that all steps are being taken to help banks in identifying any cyber threat on card systems and have offered additional controls to them.
SBP is engaged with the international payment schemes, payment operators and banks to monitor the current situation in order to ensure the security of the banking system.