Banks, Telecoms, Police in joint effort to counter cyber threats

Financial institutions, telecoms, and security organs have reaffirmed their commitment to work together to counter cyber threats in the face of current technological advancement and innovations.

Friday, January 19, 2018
IGP Emmanuel Gasana and Central bank governor, John Rwangombwa during the meeting in Kigali yesterdaty. Courtesy.

Financial institutions, telecoms, and security organs have reaffirmed their commitment to work together to counter cyber threats in the face of current technological advancement and innovations.

Officials speaking at a one-day consultative meeting in Kigali said concerned organs must enhance information sharing so as to collectively assess cyber security threats and response.

The meeting held yesterday at Rwanda National Police (RNP) in Kacyiru was attended by top officials from financial institutions, telecom companies and security organs in the country.

Speaking at the opening of the meeting, the Inspector General of Police (IGP) Emmanuel K Gasana reminded attendants that, government has developed a National Cyber Security Strategy and established a National Cyber Security Agency that links security organs, public and private sector agencies.

"In addition to cybercrime punishments in the penal code, cybercrime investigation centers have been established to focus on building national capabilities to investigate cybercrimes retrieve and analyze digital evidence from variety of sources,” he said.

To develop its capacities to respond to cybercrimes, Police has introduced Information Security Faculty at the National Police College (NPC), while an African Regional Center of Excellence on fighting cybercrimes is in the offing.

Police has also enhanced regional and international policing partnerships.

Central bank governor, John Rwangombwa observed that over the past decade, the financial sector has changed considerably with emergence of the Internet and the use of new information technologies.

"However, despite the fact that internet development and FinTech growth has brought better control of operational risks, it has also triggered the emergence of new risks. The rapid expansion of networks and technologies, the opening of IT systems to external exchanges, the growing amount of electronic transactions and big data have caused the emergence of a new type of crime dubbed Cybercrime,” said Rwangombwa.

He added that today cyber and data security has remained a priority issue for the financial sector given that, criminals are constantly searching for creative new ways to obtain money from banks and customers through fraud and cyber security vulnerabilities.

Most cyber-attacks are a result of financial malwares, which take advantage of weaknesses in some layers of IT Governance including but not limited to; lack of guiding operational policies and procedures, lack of regular compliance review, lack of security awareness, absence of systems monitoring, and lack of basic security hygiene among others, according to the governor.

"The pace of expansion of the digital world is increasing and hence, technology adoption should be conscious, purposeful and value adding. Under the emerging circumstances, banks need to be mindful of likely attacks from within the bank’s internal core systems and try to plug such vulnerabilities. Banks need to practice "Cyber Hygiene” and my hope is that our Boards and Top Management develop early sensitivity to this important task,” said Rwangombwa.

In 2015, cybercrimes cost the global economy about $126 billion, $450 billion in 2016, approximately $575 in 2017 and is predicted to cost $2 Trillion by 2020.

African countries are reported to have lost at least $2 billion in cyber-attacks in 2016. 

From all cyber-attacks recorded globally, more than 52 percent target financial institutions.

Amongst these, more than 55 percent target banks, and 24 percent target payment systems.

The Commissioner for IT and Cyber Crime Investigations, ACP Peter Karake outlined some of the likely drivers for cybercrimes.

These include gaps in regulating laws, increase of new forms of modern technology, global connectivity, corruption and low expertise in IT security stems among others.

He, however, pointed out that, to beat the cyber criminals, there is need for cooperation and timely sharing of information, adoption of cyber security protection policy, public awareness campaigns, and capacity building.

Representatives of banks emphasized on the standard security skills for their employees, where the CEO of Bank of Kigali Diane Karusisi committed both financial and human resources for training and awareness campaigns on cyber security.

editorial@newtimes.co.rw