The financial sector

experience with information

sharing Patrick Wynant

Manager Banking Operations

Febelfin

B-CCENTRE | 28 March 2012

AGENDA

1. Context 2. Interbank 3. External

B-CCENTRE | 28 March 2012 | 2

Internetbanking in Belgium

• Simple, quick, comfort, cheap... > popular and growing

• Attractive target for cybercrime

• Risks: financial, reputation, continuity…

• Maintain trust in this distribution channel

B-CCENTRE | 28 March 2012 3

Why should we (not) share information?

- Sharing of vulnerabilities is ‘not done’ - Can I trust the information receiver? - What happens with my information? … + understand better the potential vulnerabilities, threats & attacks + assess the impact of incidents + mitigate these threats and risks with (sector wide) measures + …save money

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> • Delicate balancing act • Reciprocity - Win-win

B-CCENTRE | 28 March 2012 4

Internetbanking security information sharing in

Belgium

• Working Group:

• banks + Isabel + NBB (supervisor) + FCCU

• Recurrent + adhoc meetings + Task forces

• Forum of all banks: yearly + adhoc infosessions

• NDA - Disclosure classification: green/amber/red

• Alert communication channel:

• Anonymous (filter) email to list of subscribers

• Template with structured data on new/evolving threat

• No personal data (compliance with privacy regulations)

• CERT.be

• Belgian Cybercrime Centre of Excellence for Training, Research &

Education (B-CCENTRE)

B-CCENTRE | 28 March 2012 5

Financial cybercrime information sharing in

Europe

• WG IT Fraud in European Banking Federation

• ISSG Fraud Information Sharing Expert Group

(CISEG) in European Payments Council (EPC)

• Financial Institutions - Information Sharing and

Analysis Centre (FI-ISAC) - Europe

B-CCENTRE | 28 March 2012 6

External information sharing

> New website (1/12/2011)

www.safeinternetbanking.be

www.internetbankierendoeikveilig.be

www.labanqueparinternetentoutesecurite.be

B-CCENTRE | 28 March 2012 | 7

Internetbanking fraud statistics

• Internetbanking is very secure: # frauds / # sessions = 0,00002 %

• Re-imbursement (except if proven that payer has acted fraudulently)

B-CCENTRE | 28 March 2012 8

The fraudster at work

B-CCENTRE | 28 March 2012 | 9

5 fraud vectors

Security, an issue for my bank?

B-CCENTRE | 28 March 2012 | 10

Veiligheid, een zaak van mijn bank ?

Wat de bank zoal doet om zowel internetbankieren als betalen via het internet zo veilig mogelijk te laten verlopen is terug te vinden onder de rubriek “veiligheid, een zaak van mijn bank”.

Security, also my business/concern?

B-CCENTRE | 28 March 2012 | 11

Veiligheid, ook mijn zaak ?

De site zet bovendien alle tips op een rijtje waarmee de consument zelf kan bijdragen aan de veiligheid van zijn online transacties. Deze tips & tricks zijn terug te vinden onder de rubriek “veiligheid, ook mijn zaak”.

External information sharing > Press

| 12

• Febelfin press releases (‘malware’) :

• 18 August 2011

• 26 September 2011

• Press in January 2012

• Phishing 9 March 2012

Mon argent,

4 november 2011

Le Soir,

19 augustus 2011

B-CCENTRE | 28 March 2012

La Libre Belgique,

4 januari 2012

De Tijd, 3 januari 2012

Het Nieuwsblad,10 maart 2012