See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/347440777

CYBER ATTACKS IN THE BANKING INDUSTRY

Conference Paper · December 2020

CITATION READS

1 3,832

2 authors, including:

Adharsh Manivannan
Bournemouth University
2 PUBLICATIONS   1 CITATION   

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

cyber crime in banking View project

All content following this page was uploaded by Adharsh Manivannan on 17 December 2020.

The user has requested enhancement of the downloaded file.

 CYBER ATTACKS IN THE BANKING
INDUSTRY
Adharsh Manivannan Dhatchina Moorthy
Faculty of Science and Technology
Bournemouth, United Kingdom
s5230025@bournemouth.ac.uk
ABSTRACT
The integral activity of our early twenty-first
century was revolutionized in the era of
globalization by Internet banking or online
banking. Man has built various means of contact
that are of great importance to him as a social
being for exchanging information, thoughts, and
knowledge. The advancement of e-banking
technology makes the job very simple; with a click,
banking transactions are very fast. Internet
banking and mobile banking make banking fast
and convenient daily. Online and mobile banking,
however, is never 100 percent secure. This study
paper seeks to investigate the most current
scenarioof online banking and cyber-attack. We
focus on cyber-crimes connected to online
banking in this paper and new methods employed
by hackers. This paper also identifies the
emerging online banking-related cybercrime
from various journals and news articles. The
report largely focuses on information available
from the secondary source of data. When dealing
with online financial systems, this paper
thoroughly analyses and explores the
consequences of cyberattacks. The study
concludes that there is a need to raise
consciousness among consumers about the
presence of cybercrime in the handling of online
banking and confidential financial data and how
to defend themselves against these external
challenges.
Keywords— cyber-crimes, cyber-attacks,
mobile banking, online banking, hacking.
INTRODUCTION
Banking has been one of the most fundamental
institutions in any country and the protection of the
customers of banks is paramount for the well-
functioning of the country. Banks have been subject
to numerous risks. The development of computers
has made a great impact in the banking sector
however along with it grew the different ways people
would fall prey to different attacks. . The spectacular
growth in cybercrimes is the main problem for
financial institutions in the 21st century. Criminals
occasionally committed crimes via telephone linesat
the start of the 1970s. The suspects were called
Phreakers and found that, depending on those
sounds, the telephone system in America worked.
These tones were going to be imitated by them to
make free calls. Before the 1980s, there was still no
real cybercrime. One entity has hacked the computer
of another person to locate, copy, or exploit personal
data and information. Ian Murphy, also known as
Captain Zap, was the first person to be found guilty
of cybercrime and it occurred in the year 1981 To
control the inner clock, he had compromised the
American telephone corporation So that customers at
peak hours could still make free calls. Hackers,
however, have persisted in distinct ways over time.
While telecommunications providers were the very
first target, it soon followed banks, online stores, and
even private individuals Online banking is very
popular today, and it offers a major opportunity as
well. Hackers can, for instance, copy log-in codes
and addresses or retrieve credit card and bank
account passwords. The effect is that one can either
empty accounts or make payments online from
someone else's account (Soni 2019)Cybercrime is
one of the world's most prominent and most involved
formsof crime. The internet is after all, available to
everyone and that of course includes risks. It is
unsafe to commit a criminal offense using a machine
or other system linked to the web and the identity of
the suspect is difficult to figure out. From phishing
and investment fraud to ID theft and extortion,
cybercrime can take several forms. To date, since
the lockout began, more than £5 m has been lost to
coronavirus-related scams and £16 m has been lost to
online retail fraud. The bulk of coronavirus-related
fraud includes online sales of personal protective
equipment (PPE), such as face masks, that never
arrive. To persuade the user to open links or
attachments to get them to share personal or financial
details, offenders have even submitted phishing
emails and texts pretending to be from the army,
HMRC, and health bodies.[9]
1. PROBLEM STATEMENT
Cybercrime is a major problem in this world
and mostly all banking organizations rely on the
internet. Cyber-attacks have become an easy option
for cybercriminals to access other confidential data
through the internet, normally hackers are targeting
customer's data and funds, as well as the bank's core
systems. These cyber-attacks are commonly done by
malware and phishing. Cybercriminals are targeting
banks because their data is more valuable, normally
cybercriminals obtain their customer data from social
networks like Facebook. Almost 97% of the
population in the United Kingdom holds a bank
Page | 1
 account with online banking facilities, this plays a c. Transfer Money Between Accounts:
major role in cybercrime. One-third of the cyber-
attacks were fruitful for the attacker who hit on This is one of the best features in online banking we can
financial services. Almost £671 million has been transfer money to our family, friends so easily and, we can
reported as missing due to the card fraudulent attacks transfer money all over the world.
in the UK. Criminals are also learning new d. Online Banking in Mobile Application.
technologies to make cyber-attacks. As the world
becomes digital, security measures must update Most of the bank offers a mobile app to access their online
frequently.[11] banking from this you can transfer money and can use for
shopping. Now some merchants are giving discounts
while paying by banking applications. [1]
2. LITERATURE REVIEW
4. Types of Cyber Attacks
Cybercrime in the Banking Sector
Mostly all the fraudulent attacks have revolved • Denial-of-service (DoS)
around ATM, Money Laundering, Credit Card fraud. • Phishing
The main aim of these attacks is to take over the
user’s bank accounts and funds in such a way the • Malware
attacker occupies the funds without proper • Spam emails
knowledge of the user. Some of the ways to take
control ofthe user's account are explained in the next
• Man-in-the-middle attack
section. In some situations, to enter banks and steal a • Spamming
large amount of money, cybercriminals use banking • Spyware
passwords such as PIN, password, certificates, etc.
while in other circumstances, they may try to steal
all the money and transfer the funds into mule
accounts. Cyber attackers often aim to damage the
bank's reputation and then block bank servers so that
consumers are unable to access their accounts. [7]
Online crimes mostly occur from the nuisance
caused by amateur hackers. This paper also looks at
the data of online crime and many problems.
Problems that banks and police forces face in
controlling traditional law enforcement.[9] The
analysis of this paper shows that significant
improvements are possible in the way of dealing with
online fraud and to study online crime it is suggested
that to understand its economic perspective [8]
Fig:1 Cyber Attacks
3. IMPORTANCE OF INTERNET IN
CYBERCRIME:
4.1 Denial-of-service (DoS):

Most banks offer web-based financial administrations This attack is performed over the network user's
that enable you to pay your bills, transfer cash, and computer to make it inaccessible to the user by
access a record of your financial records exchanges flooding them with messages to trigger the crash.
from your Internet Banking. at any time of the day or
night, makes everything you do with your finances a 4.2 Phishing:
bit easy [5]
a. Pay Your Bills Online: Phishing is the process of acquiring the username and
password of the user without his knowledge. These
From internet banking, you can pay all bills like house user login details can be anything like a bank account
rent, credit card bills, and electric bills, etc through online or social media login credentials.[3]
banking. There are some options for automatic payments
also it will be helpful for all people in their busy work
some people forgot to pay their bill they can use this 4.3 Malware:
automatic bill payment in online banking.
Malware is a type of software that spreads viruses
b. View Your Transactions: through devices to other computers to crash the
system. This can also crash remotely connected
Online banking allows you to access your recent and all
network computers.[11]
transactions are done through your account. It also enables
you to find out any unauthorized transition quickly it is
easy to solve your problem immediately with the help of
online banking.

Page | 2
 4.4 Spam emails:
Spam emails are emails that are pushed inside the
user’s mail account without prior permission. It can
be junk advertisement postings or anything
inappropriate to the user. [3]
4.5 Man-in-the-middle attack:
In this attack, a malevolent actor acts as a middleman
between the transaction between two parties and
gathers the information, and uses it against the users
to gain access.
4.6 Spamming
Spamming is a method of messaging system to send
a spam message to many recipients for advertising [1].
4.7 Spyware
It is malicious software installed in a user’s computer
without their knowledge hacker can access all the
files and their stored file in the system. [4]
5. CYBERCRIME CASES IN UK:
Cybercrime is one of the biggest risks in the financial
sector
I. A widely-held suspicion that UK banks are
covering up the true scale of cybercrime has
been confirmed by the City of London Police
chief Adrian Leppard, who says that up to 80%
of online crime goes unreported to the
authorities.[15]
II. The research shows that the average amount
taken after a security breach was £544 and,
based on this, the website estimates that over
£1bn has been stolen as a result of credit or
debit card fraud in the past year.
III. The number of people canceling cards in the
UK hit 5.2 million in the last year, up from 4.5
million in the year to September 2016, [14]
IV. Bank branch staff worked with the police to
stop £19 million of fraud in the first half of
2020 through the Banking Protocol. The
Banking Protocol is a UK-wide scheme that
enables bank branch staff to alert their local
police force when they suspect a customer is
being scammed. Police will then visit the
branch to investigate the suspected fraud and
arrest any suspects still on the scene. £19.3
million of fraud was prevented and over 100
arrests were made through the scheme between
January and June 2020. The latest figures mean
the scheme has prevented victims from losing a
total of £116 million of fraud and led to 744
arrests since it was first introduced three years
ago by UK Finance, National Trading
Standards, and local police forces.[13]
V. In the UK more than 60% of fraud comes from
mobile devices and 80% comes from a mobile
application. If cybercriminals access your
mobile phone, he can access our mobile
banking also and initiate multiple levels of
cybercrime.[16]
VI. In the first half of 2020, a total of £207.8
million was lost to authorized push payment
fraud, and losses to unauthorized fraud, in
contrast, fell by eight percent in the first half of
this year to £374.3 million, with the banking
and finance industry preventing £853 million
of attempted unauthorized fraud. This was
equivalent to losses seen in the same period in
2019.
6. CYBERCRIME STATISTICS:
The capital city of the United Kingdom,
London is one of the common centers for the
global economy and it is the fifth-largest
national economy worldwide. UK banking
sector is dominated by some large banks like
HSBC, Barclays, Royal Bank of Scotland these
banks are more safest banks but nowadays
improvement of the internet takes us to lose our
money through online banking.
• The largest value of online banking
losses in the UK in the year 2015 is
133.5 million pounds when we
compare this to the year 2014 there is
a dramatic change in losses of money.
• In banks, we have a lot of security, but
we are losing a lot of money. In the
year 2019 remote banking fraud was
the largest type of financial fraud
some of the other financial fraud is
through card payment.
• In 2019 criminals in the UK, they
managed to steal like 1.28 billion
pounds. Almost half of the financial
fraud is completed by credit card
fraud.
Online Banking Losses in UK
160
133.5
Value In Million GBP
140 121.2 123
111.8
120 101.8
100 81.4
80 63.7
51.2 57 58.8
60
40
20
0
Fig:2 Banking fraud losses in the UK
Page | 3
 7. TECHNOLOGY TO IMPROVE BANK:
Technologies used to maintain a security system in the
banking sector
7.1 Firewall for Banking application:
A firewall is a barrier between the internet and your
computer or network. Using a firewall, you can secure
your system from a hacker. Some of the viruses are
spread through the internet that can block by a
firewall. There are two types of firewall
• Personal firewall
• Hardware firewall
a) The disadvantage of firewall in bank
Banks use the same firewall used in companies
firewall do not do much. last seven years no one adds
any updates to the firewall.
7.2 Two-factor authentication:
Banks have introduced a multilayer approach to online
banking login under a new method of strong customer
authentication (SCA). Weak login details can be stolen
easily from social media like name, address, phone
number, etc and if the hacker penetrated the first layer
of defense, they would have to access the sensitive
data of customer like payment history or banking card
number and many banks are using a method of sending
password via message.
8. METHODS TO PROTECT FROM CYBER
ATTACKS:
• Use a secured network while using online
banking or banking application
• Create a strong password for online banking
• Change your password regularly and ensure
it is a strong password
• Remove personal information from social
media
• Check your account regularly
• Do not open emails from an unknown
source as they may contain viruses
9. CONCLUSION
Internet banking has become one of the fastest
and easy ways of banking. It is estimated that 1
in 4 people can likely be a victim of a
cyberattack. Such is the risk present in this
industry, the financial sector must be always
aware of the ever-growing threat in the cyber
world. With the growth of technology, many
individuals have been left in the dark regarding
modern-day advancements in technology
making them vulnerable to cyber-attacks like
phishing and trojans. This vulnerability and the
information gap between the banks and their
customers have opened a dark avenue for
hackers to steal data as well as wealth. There is
no doubt regarding the technological
advancementin this field, as banking is one of
the most sought sectors in the economy and
there will be constant updates to the software in
use the bank is responsible to ensure that their
client’s data is in a safe environment and
constant update to the software in use. The user
should change the password every 3 months;
however, Banks are responsible to ensure that
the user is changing to a strong password. The
bank should use the concept of a trusted device
to ensure the identity of the user while a user is
logging on. If the user tries to log in from an
unauthorized device bank should send an SMS
alert to confirm with the customer. Finally,
people must be aware of their credentials and
ensure that it is not misused, special efforts must
be made by banks to spread awareness and
ensure that the customers do not fall prey to the
scams. These measures can increase
cybersecurity in the banking sector.
References
[1] Datta, P., et al. (2020). A Technical Review
Report on Cyber Crimes in India. 2020 International
Conference on Emerging Smart Computing and
Informatics (ESCI).
[2] Datta, P., et al. (2020). Security and Issues of M-
Banking: A Technical Report. 2020 8th
International Conference on Reliability, Infocom
Technologies and Optimization (Trends and Future
Directions) (ICRITO).
[3] Dhoot, A., et al. (2020). A Security Risk Model
for Online Banking System. 2020 Systems of
Signals Generating and Processing in the Field of on
Board Communications.
[4] Gunjan, V. K., et al. (2013). A survey of
cybercrime in India. 2013 15th International
Conference on Advanced Computing Technologies
(ICACT).
[5] Rawandale, C. J., et al. (2018). “Banking on
Online Banking”. 2018 International Conference On
Advances in Communication and Computing
Technology (ICACCT).
[6] Ronchi, C., et al. (2011). Security, privacy and
efficiency of Internet banking transactions. 2011
World Congress on Internet Security (WorldCIS-
2011).
[7] Claessens, J., Dem, V., De Cock, D., Preneel,
B. and Vandewalle, J., 2002. Onthe Security of
Page | 4
 Today’s Online Electronic Banking Systems. [15]https://www.finextra.com/newsarticle/27226/u
Computers& Security, 21 (3), 253-265. k-banks-covering-up-cybercrime-losses---city-of-
london-police
[8] Moore, T., Clayton, R. and Anderson,
R., 2009. The Economics of Online [16] https://www.dataconnectors.com/technews/21-
Crime. Journal of Economic Perspectives, terrifying-cyber-crime-statistics/
23 (3), 3-20.
[17]https://www.statista.com/statistics/326169/unit
[9] Ali, L., Ali, F., Surendran, P. and Thomas, B., ed-kingdom-uk-online-banking-losses/
2017. The effects of cyber threatson customer’s [18] https://www.ukfinance.org.uk/policy-and-
behaviour in e-Banking services. International guidance/reports-publications/2020-half-year-
Journal of e-Education, e-Business, e- fraud-report
Management and e-Learning, 7 (1), 70-78
[10] Gupta, B., Agrawal, D. P. and Yamaguchi,
S., 2016. Handbook of research on modern
cryptographic solutions for computer and cyber
security. IGI global.

[11] Raghavana, A. R. and Parthiban, L., 2014.

The effect of cybercrime on a Bank’s finances.
International Journal of Current Research &
Academic Review,2 (2), 173-178.

[12] Soni, V. D., 2019. Role of Artificial

Intelligence in Combating Cyber Threats in
Banking. International Engineering Journal For
Research & Development, 4 (1), 7-7.

[13] https://www.actionfraud.police.uk/news/bank-
branch-staff-and-police-team-up-to-stop-19-
million-of-fraud-in-first-half-of-2020
[14] https://www.independent.co.uk/topic/cyber-
crime?CMP=ILC-refresh

Page | 5

View publication stats