Acta Scientific Computer Sciences

Research Article Volume 4 Issue 12

Hacking the Bank and Countermeasures

Trust T Mapoka*, Joyce Tlhoolebe and Keneilwe Zuva

Department of Computer Science, University of Botswana, Botswana

*Corresponding Author: Trust T Mapoka, Department of Computer Science, University of Botswana, Botswana..

Received: April 05, 2022; Published: November 22, 2022

Abstract

Financial institutions are tremendous targets of opportunity for electronic thievery. Intermingled threats, improvements to man-in-the-middle or browser exploits, and advances in malware diversity has resulted in to easy hacks in to the banks by even less-skilled cybercriminals. The hacks usually target something that is of utmost value such as customer credentials and money in the Bank. Historically, banks have purchased various systems to manage threat risks, however their existing perimeter defense controls don’t necessarily integrate well. Banks typically have had various fraud prevention controls with various tools for each type of exploit. Further, as these exploits continue to blossom, regulators have struggled to figure out best practice recommendations. Payment Card Initiatives and other banking regulations are a great start, but they haven’t kept up with the online threat landscape. This paper addresses many ways of hacking the bank and recommend best practices to securing online banking transactions.


Keywords: Financial Crime; Secure Banking; Fraud; Cybersecurity

References

  1. Mohammed A Al-Sharafi., et al. “The Effect Of Security And Privacy Perceptions On Customers’ Trust To Accept Internet Banking Services: An Extension Of TAM”. Journal of Engineering and Applied Sciences3 (2016): 545-552.
  2. Vidhya Jolly. “The Influence of Internet Banking on the Efficiency and Cost Savings for Banks’ Customers”. International Journal of Social Sciences and Management3 (2016): 163.
  3. R Safeena., et al. “Customer Perspectives on E-business Value: Case Study on Internet Banking”. Journal of Internet Banking and Commerce 15 (2010): 1-13.
  4. S Sharma. “A detail comparative study on e- banking VS traditional banking”. International Journal of Applied Research 7 (2016): 302-307.
  5. R K Konoth., et al. “How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication”. in Financial Cryptography and Data Security, Berlin, Heidelberg, (2017): 405-421.
  6. G Vaciago and D S Ramalho. “Online searches and online surveillance: the use of trojans and other types of malware as means of obtaining evidence in criminal proceedings”. (2016).
  7. D Wong., et al. “To trust or not to trust: the consumer’s dilemma with e- banking”. Journal of Internet Bus 6 (2009): 1-27.
  8. E R Leukfeldt., et al. “Cybercriminal Networks, Social Ties and Online Forums: Social Ties Versus Digital Ties Within Phishing and Malware Networks”. The British Journal of Criminology 3 (2017): 704-722.
  9. CL Chiu., et al. “Privacy, security, infrastructure and cost issues in internet banking in the Philippines: initial trust formation”. International Journal of Financial Services Management3 (2016): 240-271.
  10. N A G Arachchilage., et al. “Phishing threat avoidance behaviour: An empirical investigation”. Computers in Human Behavior 60 (2016): 185-197.
  11. “Banks Under Attack: Tactics and Techniques Used to Target Financial Organizations - Security News”. (2022).
  12. “Banco de Chile Loses $10 Million in SWIFT-Related Attack” (2022).
  13. “Bangladesh bank says hackers stole $100M from its New York Fed account” (2022).
  14. “Ukraine: US$ 10 Million Stolen From Unnamed Bank via Swift” (2022).
  15. “Vietnam’s Tien Phong Bank Targeted in Bangladesh-Like Cyberattack WSJ” (2022).
  16. “India’s Cosmos bank raided for $13m by hackers • The Register” (2022).
  17. “SolarWinds hack was ‘largest and most sophisticated attack’ ever: Microsoft president”. Reuters, (2021).
  18. L Sterle and S Bhunia. “On SolarWinds Orion Platform Security Breach”. in 2021 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computing, Scalable Computing Communications, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/IOP/SCI), (2021): 636-641.
  19. X Wang. “On the Feasibility of Detecting Software Supply Chain Attacks”. in MILCOM 2021 - 2021 IEEE Military Communications Conference (MILCOM), Nov. (2021): 458-463.
  20. J Ko¨ ppel. “Annex 1: The History and Detailed Functioning of SWIFT”. in The SWIFT Affair : Swiss Banking Secrecy and the Fight against Terrorist Financing, Gene`ve: Graduate Institute Publications, (2011).
  21. “Homepage”. SWIFT - The global provider of secure financial messaging services (2022).
  22. R Andrade., et al. “Management of information security indicators under a cognitive security model”. in 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), Jan. (2018): 478-483.
  23. Shakeel Durrani., et al. “Design and development of wireless RTU and cybersecurity framework for SCADA system”. (2013).
  24. JM Ahrend., et al. “On the collaborative practices of cyber threat intelligence analysts to develop and utilize tacit Threat and Defence Knowledge”. in 2016 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (CyberSA), Jun. (2016): 1-10.
  25. “Password Cracking – an overview | ScienceDirect Topics” (2022).
  26. “The top 12 password-cracking techniques used by hackers”. IT PRO (2022).
  27. “Password Cracking Techniques - EC-Council iClass” (2022).
  28. “What is Active Online Attacks and how to Defend”. Zerosuniverse (2022).
  29. of Jersey. “Government of Jersey”. gov.je. (2022).
  30. W Hurer-Mackay. “LLMNR and NBT-NS Poisoning Using Responder”. 4ARMED Cloud Security Professional Services, Jun. 06, (2016).
  31. S Mahajan., et al. “BRB dashboard: A web-based statistical dashboard”. in 2017 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS), Mar. (2017): 1-6.
  32. “National/governmental CERTs - ENISA’s recommendations on baseline capabilities — ENISA” (2022).
  33. “What is NIST Compliance? | Digital Guardian” (2022).
  34. “Creating and Managing an Incident Response Team for a Large Company”. SANS Institute (2022).
  35. “Hidden Markov based anomaly detection for water supply systems”. IEEE Conference Publication | IEEE Xplore (2022).
  36. PQ Nguyen and J Zhou. Information Security: 20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, Proceedings. Springer, (2017).
  37. B Song., et al. “Visualization of security event logs across multiple networks and its application to a CSOC”. Cluster Computing 1 (2019): 1861-1872.
  38. E Nunes., et al. “At-risk system identification via analysis of discussions on the darkweb”. in 2018 APWG Symposium on Electronic Crime Research (eCrime), May (2018): 1-12.

Citation

Citation: Trust T Mapoka., et al. “Hacking the Bank and Countermeasures". Acta Scientific Computer Sciences 4.12 (2022): 53-61.

Copyright

Copyright: © 2022 Trust T Mapoka., et al. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.




Metrics

Acceptance rate35%
Acceptance to publication20-30 days

Indexed In




News and Events


  • Certification for Review
    Acta Scientific certifies the Editors/reviewers for their review done towards the assigned articles of the respective journals.
  • Submission Timeline for Upcoming Issue
    The last date for submission of articles for regular Issues is April 30th, 2024.
  • Publication Certificate
    Authors will be issued a "Publication Certificate" as a mark of appreciation for publishing their work.
  • Best Article of the Issue
    The Editors will elect one Best Article after each issue release. The authors of this article will be provided with a certificate of "Best Article of the Issue".
  • Welcoming Article Submission
    Acta Scientific delightfully welcomes active researchers for submission of articles towards the upcoming issue of respective journals.

Contact US