ISLAMABAD: Pakistani banks have been directed by the Federal Investigation Agency (FIA) to bolster and upgrade their cybersecurity in compliance with global standards to safeguard their systems from further hacking attacks.
This directive comes considering a recent cyber-attack by hackers who stole large sums of money from accounts and dumped debit card details of many banks on the Dark Web including BankIslami.
During a series of meetings held for two days in Karachi, it was finalized that banks including the State Bank of Pakistan (SBP) would ensure a regular coordination and exchange of information with the FIA, reports Dawn.
FIA team led by its cybercrime wing director retired Captain Mohammad Shoaib conducted various meetings with IT officials of various banks including BankIslami, before going back to Islamabad.
BankIslami was one of the affected banks impacted by the cyberattacks, which culminated in the illegal transfer of money to different countries.
But the banking sector stated there was no threat to the account holders’ money since the bank would reimburse the amount in such an event after a proper investigation.
However, the FIA team believes the recent cyber attacks exposed the weaknesses of the system and hence advised banks to upgrade their IT security in compliance with global standards.
In response, the banks said they were meeting all the cybersecurity criteria.
Also, central bank officials apprised the FIA during the meeting that guidelines had already been provided to every bank.
The officials said the guidelines forwarded by the central bank permitted banks to upgrade and bolster their IT system.
Moreover, the officials said the eventual responsibility for the IT security of the system lies with the board of directors and senior management of the banks/DFIs.
They added the bank’s senior management and board of directors should ensure IT systems in their institutions have in-built security capabilities to offset real-world threats.
And if the banks/DFIs didn’t possess in-house expertise, they could engage outside IT consultants to prepare and assist them in IT security planning.
Additionally, the Pakistan Banks Association (PBA) would also arrange training programmes on the above-mentioned subject for strengthening their in-house capacity in this area.
The FIA held a separate meeting with BankIslami to further the investigation regarding the complain filed by the bank to their office in Karachi.
BankIslami admitted that a major amount had been transferred from it by the hackers based in 45 countries.
In response, the FIA asked BankIslami to provide details to them, so it could be sent to the partner agencies where the crime had arisen.