THE BLOG

Because That's Where The Money Is: Cyberrobbery, Backward Banks (and Palette Does Not Rhyme With Ballet)

02/23/2015 02:40 pm ET | Updated Apr 25, 2015

Here, finally, is the great black-ice pileup between so-called "IT" (programmers, code and sterile vaults of server stacks) and "marketing" (shaking glitter onto dog doo). And banks suck it up to avoid revealing their vulnerability and lack of internal controls to regulatory watchdogs, customers -- and thieves.

From the Wall Street Journal this week:

How they did it: If the companies had updated their software, the hackers would have had to find another way in, the report said. The New York Times said employees inadvertently downloaded malware when they clicked on emails sent by cybercriminals. That allowed the hackers to crawl across a bank's network until they found employees who managed the cash transfer systems or ATMs. Then the thieves installed a RAT -- remote access tool -- to capture video and screenshots of the employees' computers.

RAT. I love that.

It's ironic that this latest -- and, by expert accounts, most virulent and sophisticated -- cyberrobbery to date is being analyzed by the Moscow-based cybersecurity firm, Kaspersky Lab ZAO, which reports that the majority of hacked banks appear to be in Russia. According to the New York Times, Kaspersky reported that the cyberthieves remotely installed malware to record keystrokes and screen shots of banks' computers, so that hackers could learn to mimic and control bank procedures.

The malicious software lurked for months, sending back video feeds and images that told a criminal group -- including Russians, Chinese and Europeans -- how the bank conducted its daily routines, according to the investigators...

The silence around the investigation appears motivated in part by the reluctance of banks to concede that their systems were so easily penetrated, and in part by the fact that the attacks appear to be continuing.

"My guess is that there are huge amounts of money stolen from banks," says Steve Rosenbaum, founder and CEO of Pop Art, Inc., a prominent West Coast-based interactive marketing firm and software developer. But, he added, banks sweep it under the rug to avoid panic -- or a little too much accountability.

From my own experience, perhaps partly for that reason, bank CEOs still tend to glaze over when confronted with anything more technical than a boilerplate homepage template, and default to sentencing integrated marketing to death by CIO because a server, screen and mobile devices are involved.

Going in, it's important to bear in mind that career bankers do not choose to be career bankers because they are entrepreneurial. The placid tides of deposits, performing loans and quarter-point interest rate ticks are antithetical to the Banzai Pipeline of, say, sponsored tweets. The reality today is that embedding marketing into IT for personalized sales, promotions and account management is the new "relationship banking" -- a cliché to which one can only say, "What other kind is there?" -- and embedding IT into marketing is the new armed guard at the door.

Though, as McKinsey Quarterly reported recently in an article titled "Brand Success In An Era of Digital Darwinism,"

Companies adept at using digital tools along the consumer decision journey are gaining a sizable lead over competitors.

The difference between a glitter shaker and a chief marketing technologist has been maddeningly obvious to some of us since the day of the 9600 Kbps handshake. The role is mitochondrial, yet bank CEOs insist on keeping the "technology" and "advertising" silos apart and, as information (or at least, the Beautiful Mind-y algorithms of programming) is certifiably power, CIOs jealously resist translation. I cannot think of a single instance where, in front of the top dog at any financial institution, I wasn't hearing myself reducing simple website functionality to paper flow charts while self-checking the word "colors" instead of "palette." I don't necessarily blame the CEOs for that. One of my more teeth-clenching episodes involves a chief operating officer with two teenage daughters who, relentlessly lobbying for control of the cooler turf of Internet creative as opposed to the operation of retail branches, kept confidently pronouncing the most basic term in visual styling as rhyming with "ballet."

"Great interactive agencies have skilled software engineers who can offer outside perspectives to act as a check-and-balance on the IT department, thereby adding to risk prevention and mitigation," says Pop Art's Rosenbaum. Not just to adroitly help allay panic and brand-crushing customer flight à la the 2014 data breaches of Target and Home Depot, but to facilitate fluent translation between IT and marketing by designing against cyberrobbery from the inside out.

Because that's where the money is.

Who said that line? As best I can discover, it's attributed to Depression-era bank robber "Slick" Willie Sutton when asked, "Why do you rob banks?"

Right in there with Baby Face Nelson, Bonnie and Clyde, Butch and Sundance -- and for that matter, as the Too Big to Fails see it, U.S. Senator Elizabeth Warren. But for cybercriminals, there's more to CEOs keeping our neighborhood banks old-fashioned and untranslatable than many CEOs realize.

Marie Woolf has advised financial institutions on a wide spectrum of integrated marketing and design strategies, including in de novo, transitional, and regulatory supervision environments.