Are Americans willing to sacrifice convenience and ease of use to conduct their digital financial lives in a safer environment?
Or will they continue to bank and invest on an Internet that resembles a game of Jenga? An Internet where the next attack could be the one to take down the tower, in an age when artificial intelligence threatens to further amplify risks that have been there since the beginning of digital banking?
And even if consumers are willing to go along with change to produce safety, will legislators and regulators have the backbone to help make it happen?
Tom Vartanian poses such questions in his book, “The Unhackable Internet: How Rebuilding Cyberspace Can Create Real Security and Prevent Financial Collapse.” He has deep worries about all three, but he’s not a paranoid layman. Vartanian is a career financial regulator and attorney, and for a time was in the running for the regulatory vice-chairman post at the Federal Reserve. And he has a professional interest in disaster: His last book was “200 Years of American Financial Panics.” (He was among the first experts we contacted during the 2023 banking crisis.)
Vartanian is a bank lawyer who has made his “retirement job” a crusade to press the question: Why have we built our modern financial system on such an insecure platform, one that exposes our wealth to hackers, terrorists and other bad actors?
As Vartanian discusses in the book and in an interview with The Financial Brand, the world has become so infatuated with digital finance that we are willfully blind to the porous nature of today’s Internet.
Explore a three-month view of consumer transactions and trends during the 2023 holiday spending season, including BNPL activity and mobile wallet purchase performance.
Does the value outweigh the risk? The three key considerations for evaluating whether to invest in growing an internal program or exploring an outsourced solution.
Things Aren’t as Safe as They Seem
“We live in a ‘launch first and patch later’ economy,” says Vartanian. “Everyone’s in a rush to get software and new tech products out, because there’s a benefit to being first in the market. But that means we’re all susceptible to the original sin of bad code.”
And the first to pounce on new tech are hackers seeking weak spots.
“We’re creating vulnerabilities in the system twice as fast as we’re creating solutions,” says Vartanian. This is especially bad for financial services. Without trust and faith in financial services, economies can break down, and Vartanian says the “Wild West” Internet, complete with extensive anonymity and widespread lack of meaningful authentication, puts everyone at risk.
“There have to be some holistic alternatives to an Internet that was never created to be secure. The Internet was created to transmit information, not to store it. And now we’re using it to store all of the value and all of the data on the planet.”
— Tom Vartanian
Washington Spent Decades Reviewing the Same Issues
Vartanian is hardly a lone voice in the wilderness. A major part of “The Unhackable Internet” details at length how administration after administration and Congress after Congress have studied the problem of the unsecure Internet. White papers were published, fat studies printed. Yet little meaningful legislation or regulation has been produced.
Why? “We tend to overemphasize the benefits of technology, over its potential detriments and disadvantages,” says Vartanian. “We look past the disadvantages, and just say, ‘We want the benefits, so let’s let the technology unfold.'”
But there are structural reasons too: “Legislators pretty much know how to turn on a computer, and that’s about it.”
At congressional hearings, questions rarely go beyond the simple basics. “And there’s never any follow-up because they normally don’t understand the answer.”
And then there’s the money.
“Tech has garnered enormous sums and the industry makes enormous contributions to politicians,” says Vartanian. “That’s had an impact in terms of freezing legislation.”
The upshot? As a nation, we are doing more and more on an insecure network — and doing more and more wirelessly to boot. “What could we do to make us as vulnerable as possible to our enemies?’ he asks rhetorically. “We are doing exactly that.”
“Every day that goes by that we don’t undertake the construction of new more secure Internets, the further away we get from solving what may become the greatest threat to the future of humanity,” he writes.
- The Three Most Crucial Cybersecurity Defenses in Banking
- Banks’ Brand Risk Grows As People Become Numb to Cyber Fraud
- Cheat Sheet: Does Michael Lewis’ ‘Going Infinite’ Go Soft on Sam Bankman-Fried?
Three Steps Towards a More Secure Financial Internet
What would action on Internet safety for financial services actually look like? Vartanian says these would be among the essential elements:
1. Put financial services on more secure rails.
Before the Internet took over, many financial transactions relied on private networks with their own access controls.
Vartanian thinks a return to something like that, using elements of the Internet, could improve security and safety.
Part of the problem with today’s Internet is that it is pretty much global. One way for the U.S. to address the issues unilaterally would be to build a new Internet or Internets that would run in parallel with today’s Internet. This is not necessarily a far-fetched idea. Other countries, including Russia, are actively exploring the concept of “sovereign Internets” albeit for their own reasons.
2. Up the ante by stiffening authentication methodology.
Much more robust requirements to prove who you are and why you should have access would have to go along with the new wiring. That means more friction is the price for more safety.
“There’s so much anonymity online that you can do pretty much anything you want and nobody knows who you are,” says the author. “There’s got to be real authentication.” Instead, he says that the Internet has “enshrined anonymity as an online human right.” And that right has ardent defenders, including the United Nations and the American Civil Liberties Union in this country.
Vartanian however says some form of Internet “passport” is essential for a safer online world.
3. Create stiffer enforcement. We need “cyber police.”
If the Internet is a Wild West, then maybe it’s time to swear in some real marshals.
Vartanian thinks people have to start thinking about cyberspace the way they do about the real world.
“Nobody puts their private papers and their most intimate property on their front lawn for people to rifle through — never happens,” says the author. “Everybody locks their doors at night. People have fences around their homes. But none of that exists in cyberspace.”