Last summer, officials indicted cybercriminal Evgeny Bogachev on charges he used two malicious computer programs to steal roughly $100 million since 2011.
To combat the growing risk of financial cyberattacks, the Pennsylvania Department of Banking and Securities has created a task force to inform banking and financial institutions in the state about preventative measures, according to Ed Novak, department press secretary.
“What we’ve done is create a website on cybersecurity,” Novak said. “And on the website, if you’re ... a bank, or you’re a mortgage broker or you’re an investment firm, we have a list of ... industry and regulatory best practices.”
He said cybersecurity has recently become one of the department’s highest priorities.
“The goal of this is to help businesses, especially financial service businesses, reduce their vulnerability to cyberattacks, to help them defend, prevent against cyberattacks,” he said.
Because cybercriminals are always improving their methods, Novak said one challenge is getting businesses to understand they always need to be well prepared for attacks.
“They can never say, ‘Well, we’ve addressed the issue.’ They can never cease their efforts to protect themselves and their customers,” he said. “Cybersecurity is and will continue to be an ongoing and ever-present threat.”
He said some common attacks businesses experience are denial of service and phishing emails.
One cybersecurity aspect companies may overlook is informing employees and customers of how to protect sensitive information, according to Novak.
“Part of our effort here is to raise awareness with businesses,” he said, “that they need to work with their customers and their vendors and do some education on their own, to ensure that the three parties here, the business, the vendor and the customers, understand that there are risks.”
The task force will be comprised of regulatory staff from the Department of Banking and Securities, a legal team and information technology staff.