The country’s financial authorities met to establish a new cybersecurity plan following attack on the Bank of Chile
After the cyberattack on the Bank of Chile, the financial sector authorities and the Ministry of Finance met to analyze what happened and to establish an action plan to help combat any future cybersecurity incidents.
The cyberattack — that prompted the meeting — was confirmed on Monday, June 11, along with the information that hackers had siphoned off $10 million of its funds.
At first, the attackers planted a computer virus as a decoy. Identified as “Malware Swapq”, the virus prevented the bank’s system from functioning properly; giving the attackers the opportunity to release fake fraudulent transactions using SWIFT and transfer the funds to a bank account in Hong Kong, reported La Tercera.
As soon as the incident was detected, security protocols were activated and only four of the transactions managed to materialize. The bank was told to disconnect 9,000 computers in branches across the country in an effort to protect customers’ accounts. At the end of the official statement the Bank of Chile confirmed that deploying the security protocols prevented further loss of the data and funds of its clients.
Earlier this week, the Operational Continuity Working Group led by the Ministry of Finance met to discuss the details of the cyberattack in order to agree on future preventative measures. The outcome of these meetings called for the modernization of protocols and tools that would help to prevent these kinds of incidents, with two new lines of defensive measures announced.
The first line is to request advice from an international organization with the objective of identifying aspects to be improved in order to be aligned with international standards with the aim of being better prepared to face a cyberattack.
The second is a thorough review of the regulatory framework regarding cybersecurity in order to implement the necessary changes so the country has the highest possible cybersecurity standards.
The current cybersecurity regulations in Chile has not been updated since 1993.
You might be interested: