RBC says it was also tar­geted by cy­ber­at­tacks

Sim­i­lar to what other banks have re­ported

National Post (Latest Edition) - - FINANCIAL POST - Ge­off Zo­chodne Fi­nan­cial Post

TORONTO • The chief ex­ec­u­tive of Royal Bank

of Canada says the lender man­aged to fend off ap­par­ent cy­ber­at­tacks that bore a sim­i­lar­ity to in­ci­dents re­ported by Bank of Mon­treal and Cana­dian Im­pe­rial Bank of Com­merce’s Sim­plii Fi­nan­cial.

“All I know is that we had built de­fences to that type of at­tack, be­cause they tried us, and they couldn’t get in,” said Dave McKay, pres­i­dent and CEO of Toronto-based RBC. “Other non-Cana­dian groups have tried to do that to us and we’ve been very suc­cess­ful in de­fend­ing against that for a ... long pe­riod of time.”

BMO and Sim­plii an­nounced in May that they had been con­tacted about “fraud­sters” al­legedly ac­cess­ing the in­for­ma­tion of ap­prox­i­mately 90,000 of their cus­tomers. In an­nounc­ing the in­ci­dent, BMO said they be­lieved the at­tack was orig­i­nated from out­side Canada.

McKay told re­porters at his bank’s in­vestor day in Toronto that he didn’t know if RBC had faced the same group, but that based on “what we know of the strat­egy that’s been shared with us, we’ve seen that strat­egy.”

Cy­ber­at­tacks present a thorny prob­lem for the banks, which con­tinue to dig­i­tize their busi­nesses, and need to main­tain a high-de­gree of cus­tomer con­fi­dence. A re­port from PwC noted “cy­ber risks are an ev­er­p­re­sent el­e­ment in bank­ing, as is the case in other sec­tors.”

In the case of BMO and Sim­plii, both banks said they moved quickly to ad­dress any is­sues tied to cus­tomer data. BMO chief ex­ec­u­tive Darryl White said dur­ing his bank’s sec­ond-quar­ter earn­ings call that they take any at­tack on it and its cus­tomers “ex­tremely se­ri­ously.”

“Pro­tec­tion of cus­tomer pri­vacy is of ut­most im­por­tance to us,” White added.

Still, the Bank of Canada’s lat­est Fi­nan­cial Sys­tem Re­view again iden­ti­fied one of the key vul­ner­a­bil­i­ties as, ac­cord­ing to Gov­er­nor Stephen Poloz, “the pos­si­bil­ity of a ma­jor suc­cess­ful cy­ber at­tack on a fi­nan­cial in­sti­tu­tion or mar­ket in­fra­struc­ture, such as the pay­ment sys­tems that we all rely on ev­ery day.”

“Given how in­ter­con­nected our fi­nan­cial sys­tem is, there is con­cern that a suc­cess­ful at­tack on one in­sti­tu­tion could have widerang­ing ef­fects,” Poloz said in a state­ment, adding the cen­tral bank had been work­ing with ma­jor lenders and Pay­ments Canada “to make sure our coun­try’s key pay­ment sys­tems can re­cover quickly from a suc­cess­ful cy­ber at­tack.”

RBC noted at its in­vestor day on Wednesday that it planned to spend ap­prox­i­mately $3.2 bil­lion on tech­nol­ogy this year, and high­lighted that it had dou­bled in­vest­ments in cy­ber­se­cu­rity in the last four years. The bank also an­nounced in Jan­uary of this year that RBC was open­ing a cy­ber­se­cu­rity lab and in­vest­ing $1.78 mil­lion into re­search at the Uni­ver­sity of Water­loo.

“You cer­tainly are go­ing to play the best de­fence that money can buy,” McKay said of his bank’s ap­proach to cy­ber­se­cu­rity.

McKay high­lighted the im­por­tance of part­ner­ing with ad­vanced com­mer­cial com­pa­nies, such as Cal­i­for­ni­abased Palo Alto Net­works Inc., in ad­di­tion to the need for a solid de­fence, to mon­i­tor de­vel­op­ments and data flows in an or­ga­ni­za­tion.

McKay even told re­porters the bank had hired a top of­fi­cial from the Na­tional Se­cu­rity Agency, the U.S.based elec­tronic spy ser­vice. “You need to keep com­ing at it from so many dif­fer­ent an­gles, be­cause that’s how the crim­i­nals are think­ing,” McKay said. “But cer­tainly, in­di­vid­u­ally, idio­syn­crat­i­cally, we pre­pare for the types of out­comes that you hope never hap­pen, but could hap­pen.”


Pres­i­dent and CEO Dave McKay said RBC had hired a top of­fi­cial from the Na­tional Se­cu­rity Agency, the U.S.-based elec­tronic spy ser­vice.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.