Whenever I have participated in a Systems Engineering study, we look for a single point of failure. That one point where there exists only one point through which the entire system depends on always working. If this single point ever fails, the entire system is susceptible. Now Nish Bhalla, chief executive of Security Compass, has demonstrated how banks can have a single point of failure, here.
Nish Bhalla managed to enter a bank’s network, analyzed the system, then created a fresh account with $14 million dollars out of thin air. If he had transferred the money to an external account, there would have been no complaints from any depositors in the bank, no businesses would have complained they were missing money, no individual. Only the bank it self would have suffered a loss.
The bottom line of the $45 million heist is that banks worldwide are susceptible, even though the perpetrators may not even be on the same continent.
In the case of Security Compass, the perpetrator had to be up close and personal.
The common link is that these banks are susceptible, there is no acceptable amount of loss, because we all wind up making up the shortfall.
I participated in a study of the banking system in the 1990s, and was told that a 1% loss was an acceptable amount of loss by banks at that time, although the briefer would not go on record. At the time the banking system was transferring $4 trillion dollars per day and a 1% loss added up to $4 billion. Four billion dollars was an acceptable amount of loss. That was 15 years ago. I wonder what the acceptable loss is today?
We all have bank accounts and are involved in various banks. For business, for personal use, for investment, for retirement funds, for stocks, bonds, everything. We trust that our banks are secure. But does anyone really know how safe our bank(s) really is or are?
We have all heard the phrase by now, “Too big to fail”? How about the more common banks, are they “Too small to matter?” Not with my money it’s not.
- How I ‘stole’ $14 million from a bank: A security tester’s tale (money.cnn.com)
- Using Ally Bank Online Banking Systems: How to Open a Bank Account Online (ally.com)
- How You Can Get Things Done Despite Single-Point Failures (lifehacker.com.au)
- Sophisticated Bank Hack Leads to $45 Million ATM Theft (cio-today.com)