Russia to launch banking IT-security centre

Russian banks to share attack details via IT security centre for the banking sector.

Russia to launch banking  IT-security centre
Russia to launch banking IT-security centre

Tomorrow (5 December) Bank of Russia, the central bank of the Russian Federation, will officially announce its plans to establish a centre of IT security for the Russian banking system.

The role of the new centre will include collating information on cyber-threats in the Russian banking system based on information to be provided by Russian banks.

The launch is to be announced during a meeting of the The Security Council of Russia, a consultative body of the Russian President which provides research and advice that informs the President's decisions on national security affairs.

Dmitry Frolov, head of the department of Security and Information Protection of the Bank of Russia, has informed SCMagazineUK.com that the banks will not be involved in conducting operational-search activities, but will focus on monitoring and coordinating activities, however their powers may be significantly expanded in the future.

Ilya Sachkov, CEO of Group-IB, one of Russia's leading fraud prevention and anti-cyber-crime companies, explained to SC that the new IT centre will gather all available information about cyber-crimes from Russian financial institutions and banks, and will issue alerts about any threats, as well as forwarding the information gathered to the "K" department of the Russian Interior Ministry (a department, focused on the fight against cybercrime).

The new centre will also focus on the development of recommendations and best practice to repel hacker attacks and prevent attempted cyber-fraud.

Russian banks are currently obliged to provide information about cyber-attacks to the Bank of Russia on a monthly basis. According to Frolov,  in the first half of 2014  there were 193,000 unauthorised transfers (mostly write-offs) from more than 41,000 payment cards with a total value of 962 million rubles (£11.5 million) identified by Russian banks. The bulk of this sum is accounted for by thefts via the Internet and mobile devices.

However, some unofficial sources suggest the figures are significantly higher.  According to Eugene Mikhalev, an official representative of the "K" department, the official figures are likely to be understated by at least 10 to 12 times.

Mikhalev notes that bankers are very secretive in these cases due to the high reputational risk involved.  

In the meantime, leading Russian banks have already said that they will be supporting the new initiative of the Bank of Russia.  Wilen Timiriazev, vice-president of Alfa Bank, one of Russia's leading banks, has said that such an initiative is very important and should also involve feedback from the Russian government.

Timiriazev commented to SC: “This means that the new centre should provide operational information on incidents to our bank, enabling us to minimise our own risks. An example of this is installation of skimming equipment on ATMs; when banks suffer these attacks they do not warn other banks about the fact, which endangers even more bank customers. If the banks were aware of this in a timely manner, they would be able to block the suspected card, inform the customer and thus avoid possible further theft of their data and money.”

Analysts also note that the new IT centre will be well placed for inclusion in the national payment system.

According to Alex Malinowski, president of the Russian Association of MasterCard, (an association of Russian banks, which use the MasterCard payment system), taking into account that the transaction , payment and clearing functions for Visa and MasterCard, (which account for 80 percent of the Russian card market), will be carried out by the national system of payment cards of the Bank of Russia, the establishment of the IT centre under the Bank of Russia is seen as a most logical development.

Alex Malinowski commented to SC: "The ability to track all transactions in the international payment system will allow the new centre to take over operational functions in the future, such as monitoring of activity by people previously convicted of fraud, and to inform banks about possible illegal activities and sources of such operations, which may result in their suspension until all the circumstances are clarified.”