Institutions need to know and understand the scope and operations of their digital assets in order to be able to identify any abnormalities as quickly as possible, said Eric Eifert, a senior vice-president with UAE-based cyber security specialist DarkMatter.
According to published reports, QNBs online defences were breached as far back as July 2015. The secret insertion tool used by the hacker is reported to have been embedded into the log file since July 2015. The hacker effectively managed to pull out data and profile the banks customers for approximately nine months until the data was leaked on the banks website on 26 April.
Without directly confirming the cyber attack incident, QNB has assured customers that it is investigating social media speculation in regard to an alleged data breach adding that the alleged attack had no financial impact on its clients or on the bank itself.
Indeed one security expert had ruled out financial gain or stealing as potential motive behind the attack. Instead, the hacker apparently bears the hallmarks of someone in Qatar trying to find dodgy transactions or someone trying to expose something in Qatar.
DarkMatter has not also ruled out the possibility of the attack having been orchestrated by state-sponsored agents due to the inclusion of direct references to spies, government or royal family members, and the media in the leaked information.
Nevertheless Eifert cautioned that financial institutions remain a top target for hackers either for financial gain or to interrupt operations and embarrass organisations. As such, banks need to develop even greater cyber security resilience in their digital systems, Eifert said.