AI and Emerging Risks to Banking and Financial Services in ASEAN and other frontline markets

Introduction

This blog is based on an article co-authored along with Matthew Lamons, CEO of The Intelligence Factory and is an edited version of the same article.  As a matter of introduction and context, we work closely together to  enable strategic decisioning and risk mitigation through AI.  We felt that the current global risk situation requires far more attention as to how AI and related data science capabilities can help reduce risks to banking in this part of the world. Since we wrote the original article(https://open.substack.com/pub/kaustuv/p/confronting-the-emerging-risks-to?r=9c5n&utm_campaign=post&utm_medium=web), Nikkei has published about the matter, validating our views.   Here is a link to the Nikkei article, but you may need to subscribe and get beyond the paywall. Indonesian cyberattack signals growing threat in Southeast Asia - Nikkei Asia. Recent cyberattacks on Indonesia by the Lock Bit group are mentioned as is the lack of cyber readiness in the wider region. Data back-up is a key concern. We see proactive signalling, end-point security and scenario simulation as key requirements.  

Emerging Risks to Banking in a Strategic Region

The digital age has transformed the banking sector, bringing both unprecedented convenience and equally unprecedented risks. As financial institutions increasingly rely on technology to manage transactions, store data, and engage with customers, they also become prime targets for cyberattacks. Recent high-profile incidents, such as the ransomware attack on Evolve Bank & Trust by the Russian hacker group Lock Bit, underscore the growing sophistication and frequency of these threats.

It is natural for payment infrastructure services and providers of advanced AI-based cybersecurity providers to align and help secure the transactional economy. ASEAN is at the heart of the Indo-Pacific region. It has a GDP of $3.6 Trillion(2022 estimates, last available in January 2024) and a population in excess of 670 Million. It straddles a key part of the world, sitting between India, China and Australia. The Northernmost part of ASEAN is very close to the Nicobar Islands of India while the Southernmost part is not far away from Australia’s Northern Territory and shares the same landmass with the country of Papua New Guinea. The Straits of Malacca is a major shipping channel. The eyes of the world are upon this region. Against this backdrop, it is not surprising that cyber-attacks and cyber espionage constitute a particular concern for governments, industry and people. In this piece, however, we look only at the specific issue of cyber attacks on banking and financial services.

The Synapse Incident: A Wake-Up Call 

The attack on Evolve Bank & Trust, which serves numerous high-profile fintech partners including Mercury, Stripe, and Affirm, has been a stark reminder of the vulnerabilities that even the most advanced financial institutions face. The hackers claimed to have exfiltrated 33 terabytes of sensitive data, including end user Personally Identifiable Information (PII) such as Social Security Numbers, card Primary Account Numbers (PANs), wire transfer details, and settlement files. The breach not only exposed critical data but also highlighted significant deficiencies in Evolve's IT security practices, which had already attracted regulatory scrutiny from the Federal Reserve Board. 

This incident, coupled with the collapse of Synapse, a once-prominent fintech partner of Evolve, serves as a potent illustration of the cascading risks that can ensue from a single security failure. As banks and their fintech partners are intricately linked, a breach in one entity can reverberate across the entire ecosystem, compromising the integrity and trust upon which financial services depend. 

The Rise of Real-Time Payments and Open Banking: A Double-Edged Sword 

The advent of real-time payments and open banking has revolutionized the financial landscape, offering consumers faster and more flexible access to financial services. However, these advancements also introduce new vectors for cyber threats: 

1. Real-Time Payments: The immediacy of real-time payments leaves little room for error detection and correction. Fraudsters can exploit this rapid transaction environment to initiate unauthorized transfers, making it difficult for banks to respond quickly enough to mitigate the damage. 
2. Open Banking: By allowing third-party providers to access bank data through APIs, open banking enhances service offerings and competition. However, it also widens the attack surface, as each third-party connection represents a potential vulnerability that cybercriminals can exploit. 

 The Consent Framework in Open Banking and Attendant Risk

 A consent framework is key to Open Banking being truly what it is called. The interplay between third party service providers, banks and account holders is central to Open Banking. The implications go much deeper than just the transaction itself. A robust framework in practice means that consumers will be able to access multiple service brands from one app, including one bank service app or fintech app. In addition, merchants and service providers will no longer need to go looking for time-consuming tie-ups with multiple banks. APIs will be sufficient for all players within a permitted band of activities and compliance checklists to access a large, universal base of users. The risk intensity is particular when a consumer seeks to use a third-party provider and that provider approaches the consumer’s bank for data. This is where particularly sophisticated levels of fraud can play out. It is possible for the permissioning process between the bank and the consumer to be strong and secure. But there needs to be place a process-and tools-that are always able to sense if a third player is a bad actor. Further, it is also possible that another party may be able to take over a session and capture data for it’s own purposes.

Emerging Online Risks to Financial Institutions 

The Evolve Bank & Trust incident is just one example in a broader landscape of emerging online risks facing financial institutions. Some of the most pressing threats include: 

1. Ransomware: Cybercriminals use ransomware to encrypt critical data and demand payment for its release. Financial institutions, which cannot afford prolonged downtime, are prime targets. 
2. Phishing and Social Engineering: Attackers trick employees or customers into revealing sensitive information through deceptive emails or websites. Financial institutions must constantly educate and train their personnel to recognize and respond to such threats. 
3. Advanced Persistent Threats (APTs): These are long-term targeted attacks where intruders infiltrate a network and remain undetected for extended periods, stealing data or sabotaging operations. 
4. Insider Threats: Employees with access to sensitive information can intentionally or unintentionally cause significant harm. This threat is particularly challenging to manage as it involves trusted personnel. 
5. Supply Chain Attacks: Cybercriminals target third-party vendors that provide services to financial institutions, using them as a conduit to infiltrate the primary target. 

 How AI is Transforming Cybersecurity for Financial Institutions 

To combat these sophisticated threats, financial institutions are increasingly turning to Artificial Intelligence (AI) and Machine Learning (ML). These technologies offer several advantages in enhancing cybersecurity: 

1. Real-Time Threat Detection and Response: AI systems can analyze vast amounts of data in real-time to detect unusual patterns and anomalies that may indicate a cyberattack. Machine learning algorithms can continuously learn from new data, improving their ability to recognize and respond to emerging threats. 
2. Predictive Analytics: By analyzing historical data, AI can predict potential security breaches before they occur, allowing institutions to take proactive measures. This capability is crucial for preempting attacks and minimizing damage. 
3. Behavioral Analysis: AI can monitor user behavior to detect anomalies that could indicate insider threats or compromised accounts. By establishing a baseline of normal behavior, AI systems can identify deviations that warrant further investigation. 
4. Automated Threat Hunting: AI can automate the process of scanning for vulnerabilities and potential threats, freeing up human analysts to focus on more complex tasks. This automation enhances the efficiency and effectiveness of cybersecurity operations. 
5. Compliance and Reporting: AI can streamline compliance with regulatory requirements by automating the generation of detailed reports and ensuring that all activities are documented accurately. This not only saves time but also reduces the risk of human error. 

 Practical Applications of AI in Financial Cybersecurity 

AI-driven cybersecurity solutions are already being implemented across the financial sector, providing tangible benefits: 

• Fraud Detection: AI algorithms analyze transaction patterns to detect fraudulent activities in real-time, enabling banks to block suspicious transactions before they are completed. 
• Identity Verification: AI enhances the accuracy and speed of identity verification processes, reducing the risk of identity theft and ensuring that only legitimate users gain access to financial services. 
• Endpoint Security: AI monitors endpoints such as ATMs and mobile devices for signs of compromise, allowing for swift action to isolate and mitigate threats. 
• Network Security: AI analyzes network traffic to identify and block malicious activities, protecting the institution's digital infrastructure from intrusions. 

Enhancing Financial Cybersecurity 

AI-led real-time threat detection, historical trend analysis, and comprehensive compliance reporting are key steps in this matter. By analyzing log files and monitoring user behavior, it is possible to identify and respond to threats quickly and effectively. Complementing this, an immersive 3D visualization and dynamic simulations enable financial institutions to visualize potential threats, simulate various scenarios, and make informed decisions to enhance their security posture. A configurable framework platform that delivers a full digital infrastructure to banks and other financial institutions, inclusive of the above, helps these institutions safeguard their digital assets, maintain regulatory compliance, and build trust with their customers.  

Leveraging the power of AI and advanced analytics, financial institutions can stay one step ahead of cybercriminals. The recent ransomware attack on Evolve Bank & Trust serves as a stark reminder of the importance of robust cybersecurity measures. In an era where cyber threats are continually evolving, proactive and intelligent cybersecurity solutions are not just an option—they are a necessity. Fortifying your defenses and ensuring the security and integrity of your financial operations are key to a resilient economy and society.