Will an emergence of Evil Robin Hood attacks cause havoc for retail and banks?
Evil Robin Hood attacks are when a cyber-attacker is able to undermine security at an institution and steal customer funds or credit, purposely funnel those to an organization which the customers are emotionally opposed with, to specifically create customer angst with their compromised vendor. This is an attack to undermine confidence and patronage of customers.
People are never happy with the inconvenience of bank, credit, and retail breaches, but tend to drop the issue once their assets are replaced or credit restored by the financial institution. It is another matter altogether to know your stolen assets have been redirected and are now supporting a political/religious/terrorist cause you are diametrically opposed with. Just replenishing lost funds does not erase the sting that the original assets are working for a terrible purpose. Will customers take their business elsewhere due to insecurity of their vendor, based on principle?
Although I have not seen these attack emerge yet, all indications point they are on the horizon for specific archetypes of threat agents. Although not a likely attack for the typical thieves, who want to benefit directly from ill-gotten gains, it will appeal to activists, terrorists, nation states, vandals, and even unethical competitors who are looking to undermine confidence of customers of financial or retail organizations.
Response to such attacks will force financial institutions to change their tactics. The normal practice of replacing customer’s stolen assets and offering credit monitoring will simply not be sufficient. It will likely cost much more to manage the public relations fallout and push more efforts to attempt retrieval of the assets from the unauthorized recipient. This will prove difficult, time consuming, and expensive.
Would you change banks if this happened?
IT Peer Network: My Previous Posts
My Blog: Information Security Strategy