Top Stories
Top Stories

Banking expert warns of potential for ‘really bad’ cyberattack

Pro: Be worried if your bank doesn't do this

Cyberattacks on banks need to be looked at with the same kind of urgency as physical threats, because there is the potential for things to get really bad, banking and cybersecurity expert Ben Lawsky said Wednesday.

"We live in a world where each day we are surprised by something new when it comes to the sophistication and the capabilities of hackers," he said in an interview with CNBC's "Power Lunch. "

"You have groups of hackers around the world who are innovating all day long. All they do is try and figure out ways to disrupt our system. It could be really bad."

The banking world was stunned earlier this year when $81 million was siphoned out of the Bank of Bangladesh's account at the New York Federal Reserve Bank. The thieves hacked into the global messaging network Swift to access the funds.

U.S. lawmakers are now investigating the NY Fed's handling of the situation.

Lawsky believes the more pressure there is to improve things, the better. However, he said it shouldn't become overly politicized. Instead, the government and private sector need to work together to come up with worst-case scenarios and then prepare for them.

"We should be really worried about what those worst-case scenarios are and then work with that kind of urgency before we have one of those worst-case scenarios," said Lawsky, who regulated banks in New York when he was the state's superintendent of financial services. He also served on the governor's cybersecurity advisory board.

He said financial institutions need to move away from a username and password model, which is a "terrible system" and akin to having a lock on a screen door. Instead, there should be multifactor authentication.

"If you sign onto your bank account and your bank doesn't ask you for a second identifier beyond your password that's randomly generated at that time and sent to your phone, you should be worried. And you should be worried about waking up tomorrow and looking at your bank account and maybe your money's gone," Lawsky warned.