Big banks team up against cyber attacks

Steve Chiotakis Jan 10, 2012

Steve Chiotakis: The gadgetry on display at the Consumer Electronics Show going on in Las Vegas reminds us about the vulnerabilities of technology — such as cyber-theft. Hacking and identity theft costs businesses billions of dollars a year. And so some banks are doing something they rarely do: Share information with each other to thwart cyber attacks.

The Wall Street Journal reports security officials from Morgan Stanley and Goldman Sachs are expected to discuss creating a data center that would be responsible for sifting through mounds of secret bank information to signal whether any cyber attacks could happen.

Ted Crooks is a banking security analyst and heads up Crooks Analytics. He’s with us now from San Diego. Hey there, Ted.

Ted Crooks: Steve, how are you today?

Chiotakis: I’m doing well — and surprised, as you may be, that banks are even considering working together. I mean, they have an historical sort of laissez-faire, hands-off attitude towards one another, don’t they?

Crooks: Well, they do, at least officially. But behind the scenes, there’s been a lot of cooperation — often through intermediaries — for a long time. It may involve a vendor, it may involve a network, like MasterCard, for example. So there are lots of ways they have worked together, but mostly through third parties. It is rare for them to come together as a group of banks specifically.

Chiotakis: But sharing information — I mean, is that going to work and improve their collective capability to stop cyber theft?

Crooks: I think it will improve their capability, because there are lots of means of detection of threats that work best when you look across all the attempts, rather than just at one slice of them at one bank. But the issues of dealing with privacy — there are lots of technical tricks that can be used, so very often we can share information that reveals the threats, but doesn’t reveal secret marketing activities or portfolio strengths and weaknesses — the kinds of things that banks are sensitive about.

Chiotakis: What do you think finally pushed them to work together, to get together on this?

Crooks: There’s two motivations. The straightforward one is that they’re being attacked by bad guys taking money away from them. And the bad guys cooperate, they know what each other are doing to a large extent, and the banks should do so too. It’s very easy to detect a repeated attack across one bank after another, after another.

But if they don’t share that information, whatever the criminal finds works at Bank A, they’ll do at B, C, and D. And it also has a long-term effect. We’ve built a bit of hothouse for these advanced hackers, making it quite profitable for them. And unless as an industry, and as a society, we can tamp this down a bit and make it less attractive, we give them the opportunity to keep building up better and better strength.

Chiotakis: Ted Crooks, founder of Crooks Analytics in San Diego. Ted, thanks.

Crooks: My pleasure.

There’s a lot happening in the world.  Through it all, Marketplace is here for you. 

You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible. 

Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.