A preview of some of the secondary sources from the financial sector revealed massive cybersecurity challenges and issues that have cost the bank over $178 trillion in the past two years. Of significant concern are the inside jobs and interrelated fraudulent online transactions that involved some employees of the bank. Primary sources used to collect data and have a preview of the fraudulent activities included eyewitness accounts, statistical data, audio, and video recordings, legal documents, and historical data. During the research undertakings, secondary sources were also heavily utilized to put together and verify details of the challenges faced by most financial institutions. The secondary sources used included magazines, newspapers, commentaries, almanacs, and book reviews.
From the findings, it was evident that the Banks accounts and financial transactions have on numerous occasions been hacked and large sums of money withdrawn. At the same time, the sources revealed that some of the attacks and online interference were organized inside the bank by top management of the financial institution. Thakur et al. (2015) argued that the top cybercrimes committed within the financial sector are insider trading. Most of the cybersecurity issues entailed exploiting the weakest link within the banking system. It is evident from the sources that criminal activities that occurred involved online and real-time strategies. The bank has faced high penalties from regulatory authorities due to leakage and attack of customer account details, a feature that has led to the loss of colossal amounts of money. If not addressed, cybercrime/cybersecurity is poised to threaten the trust customer have placed on banks.
Delegate your assignment to our experts and they will do the rest.
From the findings, it is evident that criminal activities against financial institutions are taking a unique aspect and direction. At the same time, emerging trends point to sophisticated strategies committed by highly specialized individuals with technical skills. A significant characteristic of most cybersecurity crimes committed in the year 2017 is exploitation of the weakest link within the system, such as insecure digital channels and gateways.
Abstract
The primary purpose of this report is to unearth the various cybersecurity challenges that most financial institutions have faced in the past two years. The Banking sector has lost trillions of dollars due to fraudulent schemes perpetrated by highly experienced individuals armed with technical skills. At least ten percent of all the cybersecurity challenges the bank has encountered involved some employees of the bank. The cybersecurity threat and crime is the central problem faced by the financial sector in the past two years, a scenario that has led to massive losses. The study utilized both qualitative and quantitative methods to analyze the cybersecurity threats faced by the bank. According to the findings, if left unattended, cybersecurity remains the biggest threat to online banking in addition to banking activities within the financial sector. Thus, due to the sensitivity of the challenge that goes beyond the banking sector, it is critical for the banking sector as a whole to get the full support and involvement of the security and investigative authorities. At the same time, it is crucial for the bank to construct a tech firewall, enact strategic “cybersecurity hygiene,” and weave a robust cybersecurity control system for the whole banking system. The above entails some of the most strategic measures towards curbing cybercrime.
Keywords: Cyber security, password, cybercrime, firewall, system, banking, insider trading
Table of Contents
Recommendation and Feasibility Report 2
Abstract 4
Executive Summary 6
Introduction 7
Operations and Advanced Technology 7
Problem Statement 8
Research Methods 9
Results 9
Recommendation/Conclusion 11
References 13
Executive Summary
The financial sector is faced with one of the most modern and high-tech crimes in the 21st century. For the past two years, the banking sector has lost over $178 trillion as a result of fraudulent online activities and online crime. Majority of the crimes involved insider trading in which employees colluded with criminals and gave out critical information on the bank's financial system. Cybercriminals have also come up with high-tech strategies that enable them to access customer's details in addition to crucial financial trading and activities. The problem is gradually expected to spread to other financial institutions and without proper mechanism and countermeasures, the banking system are bound to encounter numerous losses due to cybersecurity and related crimes.
The recommendation entails several critical and strategic steps that can be implemented by ABC Bank to counter the growing challenge. They include the weaving and deployment of a reliable cybersecurity control system, development of intelligent firewalls, support and involvement of security and investigative agencies in addition to the use of cautious "cybersecurity hygiene such as training of employees on security systems. The plans will entail the promotion of resilience authentication and security controls. An excellent countermeasure to solving the problem of cybersecurity should no doubt cause internal risk examination, the protection against evil conduct in addition to the identification of compromised employees. Deployment of numerous factors and security measures is the only sure way of finding a lasting solution to cybersecurity challenge within the financial sector.
Introduction
For the past twenty-five years, ABC Bank has banked on its slogan of keeping up integrity with pride and self-fulfillment. The Bank was recognized for its outstanding performance in credit management with its shareholders attributing the Bank's success to hard work and commitment to excellent banking service. However, five years into the new millennium, the Bank faced one of its most significant test in which over fifty thousand customer accounts were compromised. Additional twenty thousand accounts had money withdrawn or transferred and emptied. Other ten thousand accounts had customer information stolen and money transferred to offshore accounts. In total, within 24 hours, the Bank saw its once glorious prestige turned to the biggest scandal within the financial sector. According to banking records and wire transfers, the stolen money transferred to offshore accounts could not be traced due to what the Bank attributed to the use of highly sophisticated software that erased all previous banking details from the affected minds.
Operations and Advanced Technology
Due to advancing technology, the banking sector is gradually changing to accommodate and align its activities with the rising trends. For the past year, ABC Bank has been trying its new Blockchain Technology that decentralizes the Bank's financial management system. Kashyap and Wetherilt, (2019, May) argued that the technology's purpose is to move the banking system from centrally based to a broad-based system in which the order is managed and run from various networked computers. The system has its transactions split into what is called blocks of packets that are then put together in the encrypted code or computer code. According to Kashyap and Wetherilt, (2019, May), the encoding is aimed at enhancing the banking systems cybersecurity. The new technology is the advanced version handling new financial trends, especially the bitcoin system and transaction. Since its inception, the Bank has boosted its customer base, online presence, and credit management system. Plans of the Bank involved upgrading of its ATMs to enhance its operations and customer satisfaction.
According to Pandey and Misra (2016, December), Blockchain technology is the mobile and digital banking that has been going on for the past one year. Benson, McAlaney, and Frumkin (2019) argued that although the technology has faced numerous online threats, it has progressed well with increased efficiency online and offline and the Bank has been keen on integrating it with artificial intelligence. It could have been the first Bank in history to have two new technologies running side by side in an attempt to boost its operations and increase its revenue collection. With the latest technologies, ABC Bank was poised to surpass Wells Fargo and Chase bank in customer base and revenue collection alongside its flawless credit facility. From the sources, it is evident that the Bank's rapid online expansion is the number one weak link is established within its system. It is also apparent that the Bank had poor security features that could have enabled online criminals to hack into its operations. Kiwia (2018) and Nourian and Madnick (2015) posited that with increased technological advancement, new threats are gradually emerging, posing a severe threat to financial transactions.
Problem Statement
ABC Bank deployed its new technologies without establishing a strategic security measure. At the same time, the Bank did not have in place hygiene security measures against any imminent threat. A review of the dailies showed that the Bank was in a "good" mood to launch its new systems as a market strategy to challenge its competitors and expand its market share in most states within the country. Security breaches against the Bank took place because of the hurried attitude the Bank approached the launch of its new system. The Bank did not make a critical outlook of the order before the start and was only "excited" by the prospect of being the first Bank to use and avail the Blockchain technology. Sources within the Bank also pointed to the possibility of inside jobs in which the Bank's employees sold out sensitive security features of the new technology to outsiders that could have led to the massive cybersecurity hitch and crime.
Research Methods
The research utilized two qualitative research methods and one quantitative research method. The quantitative research method used descriptive purposes in which the subjects were measured once. It entailed the establishment of links between variables such as the various accounts hacked and money transferred. It also involved the use of computer software that helped in revealing the extent of the financial damage. It also entailed the study of the Bank's textual forms, charts, tables, and business figures.
Qualitative research method involves the structured approach. The technique helped gain an insight into the problem at hand in addition to developing an understanding of the hypothesis or ideas behind the problem. Two methods were utilized under qualitative research.
Individual Interviews that involved interviewing and talking with bank management, customers, employees, and the investigation team was used.
Secondary data analysis involved using newspapers, magazine reviews, independent opinions on the cybercrime and archival study. The research utilized both primary and secondary sources, as indicated above.
Results
From the secondary sources, it was evident that the cybercrime involved the use of highly technical skills. At the same time, it was apparent that the probability of the cybercrime being an inside job was very high. Interviews with the management and employees revealed that there were minimal or little security features that offered security to the entire system. According to the IT department personnel, the security feature that was initially installed expired twelve hours before the attack occurred on the central server of the Bank. The IT department also acknowledged that it could have been a security breach but with inside facilitation.
From the financial accounts, it was evident too that nearly 70 percent of customer's reports were attacked and all money transferred to offshore accounts. A trace to the offshore accounts revealed nothing as the criminals used special software to erase the historical accounts of the banking accounts. During that year, the Bank posted a loss of $100 billion in wire transfers without considering the loss of customer details to the same effect.
The chart above indicates the massive losses the bank made between the years 2013 to 2016 after the cyber breach that led to the enormous loss. Non-performing loans went up in addition to substantial duty losses that resulted from a loss of customer details. Numerous litigations were put on the bank that led to colossal compensation amounts. The bank was further forced to settle most disputes with the clients, some of which were undertaken outside court but attracted huge fines.
Recommendation/Conclusion
Cybersecurity is not just an ordinary criminal activity or networking challenge. It is a complex crime facilitated by highly advanced technologies and persons. It entails crime that ranges from cyber vandalism, theft, and insider trading. Any type or kind of cybersecurity shortage is bound to attract huge losses, especially if the situation is not addressed immediately. Criminals can clean up accounts within a short time leading to enormous losses for the institution. Due to the sensitivity of the situation, it is often mandatory to build strong and capable security measures to safeguard the client’s details in addition to protecting the firm’s reputation. Banking is a sensitive sector, and any security breach is bound to illicit public anger and frustration.
ABC Bank needs to enact strategic security measures that will address any weak link that may be exploited by a criminal. The institution should weave a robust cyber security system that will protect the entire management system from hackers. It should prioritize data security, eliminate risk factors, and identify any potential weak link within the system. The whole of the cybersecurity system or controls should protect the client’s data in addition to banking details. Another critical security feature should be the involvement of cyber investigation security personnel who should undertake strict security measures against any potential threat. The Information Technology department should put in place defenses that are inclusive and wide-ranging. These include features such as cybersecurity hygiene that will ensure that all the security features within the institution are complied with to reduce any potential damage to data or sensitive information held by the bank. Above all else, all security measures in place should acknowledge the fact that cybersecurity is not just a technology-oriented phenomenon, it entails numerous aspects of theft, cyber vandalism, and insider trading and as such any security feature employed should focus on addressing a complete range of security issues.
References
Benson, V., McAlaney, J., & Frumkin, L. A. (2019). Emerging Threats for the Human Element and Countermeasures in Current Cyber Security Landscape. In Cyber Law, Privacy, and Security: Concepts, Methodologies, Tools, and Applications (pp. 1264-1269). IGI Global. https://repository.uwl.ac.uk/id/eprint/4448/1/Human%20element%20Editorial%20Chapter_v3.pdf
Pandey, R. K., & Misra, M. (2016, December). Cyber security threats—Smart grid infrastructure. In 2016 National Power Systems Conference (NPSC) (pp. 1-6). IEEE. http://www.iitk.ac.in/npsc/Papers/NPSC2016/1570293178.pdf
Nourian, A., & Madnick, S. (2015). A systems theoretic approach to the security threats in cyber physical systems applied to stuxnet. IEEE Transactions on Dependable and Secure Computing , 15 (1), 2-13. https://www.researchgate.net/profile/Samuel_Tweneboah-Koduah2/publication/317283254_Cyber_Security_Threats_to_IoT_Applications_and_Service_Domains/links/5ab50b510f7e9b68ef4be69c/Cyber-Security-Threats-to-IoT-Applications-and-Service-Domains.pdf
Thakur, K., Qiu, M., Gai, K., & Ali, M. L. (2015, November). An investigation on cyber security threats and security models. In 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing (pp. 307-311). IEEE. https://www.researchgate.net/publication/282613809_An_Investigation_on_Cyber_Security_Threats_and_Security_Models
Kiwia, D., Dehghantanha, A., Choo, K. K. R., & Slaughter, J. (2018). A cyber kill chain based taxonomy of banking Trojans for evolutionary computational intelligence. Journal of computational science , 27 , 394-409. https://arxiv.org/ftp/arxiv/papers/1807/1807.10446.pdf
Kashyap, A. K., & Wetherilt, A. (2019, May). Some principles for regulating cyber risk. In AEA Papers and Proceedings (Vol. 109, pp. 482-87). https://www.usenix.org/system/files/conference/soups2017/soups2017-conway.pdf