The 12 million customer cards were impacted after employees printed and then stole the bank’s master key, according to The Times. The master key is a 36-digit code that enables the holder to decrypt the bank’s operations, access and modify banking systems and generate keys for customer cards. The master key, a 36-digit code, allows anyone who has it to gain unfettered access to the bank’s systems.
Looking into this issue for Digital Journal, Bitglass CTO Anurag Kahol. The analyst considers some general cybersecurity issues affecting finance institutions as well as banking specifically.
Kahol begins his analysis stating: “While hacking and malware are the most common culprits behind breaches, Postbank’s latest security incident demonstrates that defending against insider threats needs to be top of mind for companies. In a survey conducted on IT professionals about insider threats, 59% of respondents’ organizations experienced at least one insider attack over the last 12 months.”
Kahol then turns his attention to those working for the company, noting: “Insider threats are often difficult to identify and remediate because these attacks usually involve the use of legitimate credentials. In this case, rogue employees seized the bank’s master key that allows the holder to decrypt the bank’s operations, modify banking systems and more. Consequently, malicious user activity can be mistaken for legitimate user activity, potentially going unnoticed for extended periods of time.”
In terms of preventative action, Kahol says that: “For organizations to stay secure in today’s high-speed, cloud-first world where data is shared, accessed, and downloaded rapidly, appropriate security controls must be put in place. To properly defend against insider threats and protect customer information, companies must have full visibility and control over sharing permissions. Enterprises should employ advanced solutions that authenticate employees’ identities, detect anomalous activity, and address additional mobile security threats. This is possible by implementing security controls that including leveraging single sign-on, multi-factor authentication and user entity behavior analytics.”
