RBS/NatWest outage boosts follow-on phishing

News by Steve Gold

RBS/NatWest customers hit by another outage - questions asked about governance and security.

As RBS/NatWest customers were hit by another outage, questions about the governance and security of the bank's IT systems are being asked.

Following an outage of several hours on Monday evening, during which time RBS, NatWest and Ulster Bank customers were unable to use their cards to draw cash or pay for goods plus services, the bank's chief executive has branded this latest problem as "unacceptable."

And as investigations into the outage have begun, security and governance questions have started to be asked, whilst cybercriminals have started targeting the bank's customers - many of whom visited their branch this morning at the early opening time of 8am - with phishing messages and allied attacks.

RBS Chief Executive Ross McEwan has blamed the outage - on one of the busiest days of the shopping year - as down to a failure to invest in technology.

This is the second major incident of its type for the bank, which paid out £175 million last year to compensate customers for a similar outage lasting several days.

Almost as soon as the bank's systems came back online, security specialist Check Point warned customers to watch out for phishing emails which appear to have been sent by their bank.

Keith Bird, the company's UK managing director, says that the emails - which have been flooding the Internet - are being issued by malicious parties to trick customers into revealing their full bank details.

Bank customers, he says, need to be very careful not to click on links in emails, which appear to come from RBS, Nat West or Ulster Bank advising them about changes to account security, no matter how authentic the email seems to be.

"Attackers have jumped at this opportunity to try and trick customers affected by yesterday's technical problems into revealing their bank details. For those attackers, it's just a numbers game, but it could have serious consequences for customers," he said, adding that phishing emails continue to be the most common source for social engineering attacks.

Bob Tarzey, an analyst and director with Quocirca, said that the failure is a major blow for RBS and NatWest, who have experienced one technical problem after another.

"For this to happen in the 21st Century, this is a matter of great concern on several fronts. And, quite frankly, if I were in the IT security business and a customer of the bank, I would be very concerned about the obvious security issues that are involved," he said.

And this, he told SCMagazineUK.com, is before you even begin to consider that the incident makes the bank a more obvious cybercriminal security target.

"Who knows what will be exposed in the longer term, and then there is the issue of what scrutiny the FCA (Financial Conduct Authority) will place the bank under," he explained.

Professor John Walker, a Visiting IT Professor with Nottingham-Trent University and CTO of Xssurance, echoed Tarzey's worries, saying that the IT problems were likely the result of a failure to effectively integrate the various systems that the bank's various divisions have developed over the years.

"This is a classic case of a number of mergers and acquisitions taking place and the bank failing to integrate the IT systems. My observations suggest that this happens [in major organisations] a lot more often than you might think, but the problem - from a security perspective - is that if you don't truly know what IT systems you are looking to secure, what chance do you have of defending them," he said.

"The problem with these types of integrated systems is that there is often no real stability. This is also almost always the result of the organisation wanting to make money with fancy new services, but failing to invest in the IT required to make these new services fly," he added.

Professor Walker went on to say merged entities like the RBS banking group, often do not truly understand what they have got on the IT front. And when coupled with a slack approach on the integration side of things, he noted, the result is multiple outages, potentially affecting millions of customers.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews