In the latest report of a high profile cyber security breach of a financial institution in the region, last week it was reported that Qatar National Bank (QNB) was the victim of a hack in which personal details of many of the institution’s clients were posted on social media.
According to a report in the Financial Times, the 1.4GB leaked file includes the names and passwords of thousands of QNB customers. Subfolders within the leaked data divide individual details into further categories including staff at Al Jazeera, members of Qatar’s ruling Al-Thani family, and intelligence and defence officials.
According to a cyber security expert quoted in the Financial Times article, the breach was the work of a hacker who had gained unlawful access to QNB’s system as long ago as July 2015, this being the time the presence of a secret insertion tool was identified in a subsequent review of the log file.
Thus the hacker is believed to have been present within QNB’s system since last July, having been able to work within the environment and profile numerous customers.
QNB claims there was no direct financial loss as a result of the hack, though the cost of the reputational damage to the institution and in fact to the country is likely to be significant.
Each new breach teaches us different things and in this case, DarkMatter identifies the following key learnings:
DarkMatter conclusion and recommendations
This latest breach offers another insight into why institutions need to develop stronger, pro-active cyber defence postures. DarkMatter advises that institutions:
The recommendations above are incorporated under DarkMatter’s a four-stage Cyber Security Life-Cycle approach, which encompasses planning, detection, protection, and recovery.