Financial Crime World

Financial Crimes and Cybersecurity Threats Haunt Oman’s Banking Sector

A Growing Concern

Oman United Insurance Company SAOG was hit by a ransomware attack on January 1, 2020, which encrypted and infected their data, resulting in the loss of critical information from December 10, 2019 to January 2, 2020. Fortunately, the company’s robust backup system enabled them to recover the lost data within a day.

A Staggering Number of Cyber Threats

This incident comes amidst a concerning trend of cyber threats plaguing Oman’s financial sector. According to the Ministry of Technology and Communication, in 2020 alone, the country recorded:

  • 123 million Web application attempts
  • Over 417,000 confirmed attacks
  • Losses exceeding $1 million

Although this represents a 13% decrease from the nearly 500,000 confirmed attacks reported in 2019, it highlights the ongoing vulnerability of Oman’s financial institutions to cyber threats.

Government Efforts

The Oman government has taken steps to address these concerns, including:

  • Conducting intense security assessments on government websites, which exposed over 41,000 vulnerabilities and 13,000 Internet Protocol addresses
  • Reducing attempted cyberattacks from 880 million in 2017 to 12 million in 2022

The Central Bank of Oman’s New Framework

To further bolster cybersecurity in Oman’s financial sector, the Central Bank of Oman (CBO) recently introduced a new Regulatory Framework for Cybersecurity and Resilience. The framework mandates banks, financing and leasing companies, payment service providers, and money exchange companies to adhere to minimum security requirements.

Key Features of the Framework

The framework is organized into six “Control Domains” or pillars, each focusing on distinct areas of cybersecurity implementation, including:

  • Third-Party Supply Chain Management
  • Online Financial Services

By implementing this new framework, the CBO aims to establish uniform cybersecurity standards across licensed financial institutions in Oman, ensuring they can effectively manage cyber risks.

Benefits of the Framework

The implementation of this framework is expected to have a range of benefits, including:

  • Enhanced capabilities for banks and financial institutions to safeguard themselves against various types of cyber threats
  • Predefined protocols for responding to cyber incidents and minimizing potential damage control
  • Promotion of confidence among investors and the general public, potentially attracting international investments and partnerships

Conclusion

Oman’s financial sector is taking proactive steps to address cybersecurity threats and prevent financial crimes. The introduction of this new regulatory framework marks a significant milestone in the country’s efforts to build a secure financial industry, ultimately ensuring the trust and confidence of its citizens and investors.