CASE STUDY:
1.0 Introduction
According to Banking Journal, organisations in the financial sector recorded 703 cyber-attack
attempts per week in Q4 2021, a 53% increase over the same period in the previous year.
According to statistics, a cyberattack occurs every 10 seconds on a global scale (CheckPoint, 2023).
The first cyberattack took place in May 2016. The threat actors sent a phishing email to one of
the bank’s employees, who took the bait. This allowed them to install malware on the victim’s
PC and access another computer that allowed entry into the STAR network.
The bank uses this technology to manage debit card transactions for customers. The network
could control how clients used bank cards and ATMs, as well as their accounts.
The hackers were able to modify the withdrawal limits and daily debit card usage limitations
after gaining access to the bank's networks. They were also able to manipulate and change
users' 4-digit personal identification numbers (PINs). The perpetrators also stole about
$570,000 from consumer accounts using ATMs across North America.
However, when a second heist occurred only eight months after the first, the security measures
that had been put in place proved to be useless. Using the tried-and-true phishing email
technique, hackers broke into the bank's system once more in January 2017.
This time, in addition to gaining access to the STAR Network, the hackers had managed to
breach a workstation connected to Navigator, a program the bank uses to track debits and
credits in a customer's account. Attackers who gained access to the Navigator were able to keep
a close eye on their victims' accounts and even remove access to fraudulent debits. According
to reports, the second breach cost the bank $1,833,894 in losses.
No group has claimed responsibility for the attack. Nonetheless, one of the best-known threat
groups targeting financial institutions is Lazarus, which may be behind these attacks.
Banks have very little control over people's actions, because customers are free to
handle their accounts responsibly or carelessly. It is nevertheless practical for the institution to apply strict
security standards that must be met for individuals to access their accounts on the bank's
website. This involves making strong passwords, particularly ones with several
character variations, and multi-factor authentication mandatory.
The bank's web portal and applications must be highly secure. One of the most frequent
cyberattacks on banks is malware, although a security mechanism has been developed to
prevent it: Malware Security for Computers and Networks. It performs the following:
Technologies for monitoring, logging, and blocking are another security precaution that banks
might use. By doing this, consumers can make sure they aren't the target of a cyberattack. If
there is an attack, these technologies help by providing an auditable trail that the security team can use to
assess the situation and identify the source, so that the attack can be recognized and investigated
and a remedy offered. Security should be managed by a reputable security
supplier.
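As an added example (not part of the original case study), the following Python correlates an audit trail the way the paragraph above describes: it flags a workstation that changes card limits or PINs on many accounts, and ATM withdrawals that exceed an account's earlier limit shortly after such a change, which is the pattern reported in both heists. The event format, host names, thresholds and baseline limits are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=24)  # assumed correlation window
BULK_THRESHOLD = 3            # assumed: distinct accounts changed by one source

# Constructed audit-trail events: (time, source, account, action, amount)
EVENTS = [
    ("2024-03-02T09:01", "ws-ops-12", "A100", "LIMIT_CHANGE", 5000),
    ("2024-03-02T09:02", "ws-ops-12", "A100", "PIN_CHANGE", 0),
    ("2024-03-02T09:04", "ws-ops-12", "A200", "LIMIT_CHANGE", 5000),
    ("2024-03-02T09:06", "ws-ops-12", "A300", "PIN_CHANGE", 0),
    ("2024-03-02T10:15", "atm-551", "A100", "ATM_WITHDRAWAL", 400),
    ("2024-03-02T10:17", "atm-551", "A100", "ATM_WITHDRAWAL", 400),
    ("2024-03-02T11:30", "atm-090", "A400", "ATM_WITHDRAWAL", 200),
    ("2024-03-02T12:00", "ws-branch-3", "A500", "PIN_CHANGE", 0),
]
# Constructed daily limits as they stood before any change in EVENTS
BASELINE_LIMIT = {"A100": 500, "A200": 500, "A300": 500, "A400": 500, "A500": 500}

def detect(events, baseline):
    """Return alerts as (rule, subject, evidence) tuples, in time order."""
    alerts = []
    changes = defaultdict(list)    # account -> [(time, source)]
    by_source = defaultdict(list)  # source  -> [(time, account)]
    withdrawn = defaultdict(list)  # account -> [(time, amount)]
    bulk_flagged = set()
    for ts, source, account, action, amount in sorted(events):
        t = datetime.fromisoformat(ts)
        if action in ("LIMIT_CHANGE", "PIN_CHANGE"):
            changes[account].append((t, source))
            by_source[source].append((t, account))
            # Rule 1: one source altering card settings on many accounts
            recent = {a for ct, a in by_source[source] if t - ct <= WINDOW}
            if len(recent) >= BULK_THRESHOLD and source not in bulk_flagged:
                bulk_flagged.add(source)
                alerts.append(("BULK_CARD_CHANGES", source, sorted(recent)))
        elif action == "ATM_WITHDRAWAL":
            withdrawn[account].append((t, amount))
            total = sum(a for wt, a in withdrawn[account] if t - wt <= WINDOW)
            # Rule 2: withdrawals above the old limit soon after a change;
            # the evidence names the workstation(s) that made the change
            sources = sorted({s for ct, s in changes[account] if t - ct <= WINDOW})
            if sources and total > baseline.get(account, 0):
                alerts.append(("OVER_BASELINE_AFTER_CHANGE", account, sources))
    return alerts

ALERTS = detect(EVENTS, BASELINE_LIMIT)
```

Each alert carries the originating workstation, which gives the security team the starting point for isolating the compromised host.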
The benefit of adopting professionally managed security is 24-hour monitoring and incident
response that will detect and assist in dealing with any security or network alert or breach,
responding in time, before any significant damage is done, by isolating and neutralizing the
threat.
Banks can safeguard internal teams and protect their data by ensuring that each
endpoint is secured when it is admitted into a centralized, protected network. All devices connecting to the central
network must be secured, typically using a VPN service.
Data should be secured since it is one of the most important assets for any firm and because
hackers may view it as a valuable target. Data should be encrypted using a sophisticated
algorithm, such as Advanced Encryption Standard (AES), to ensure that cyber attackers will
not be able to access it without the corresponding decryption keys even in the event of a serious
security breach or assault.
Financial organizations should deploy firewalls to prevent brute-force attacks from
damaging the system. Additionally, to distinguish between staff and users, each employee
should have a personal account and unique login credentials. As a result, once staff accounts
are configured so that employees hold no rights beyond those needed to carry out their
duties, the likelihood of cyberattacks from improper access would be reduced.
Training for the staff and employees is another crucial security precaution. This will
inform and remind them of the methods and tactics that hackers use in their attacks. The
majority of cyberattacks happen because personnel are uninformed or have not received the
necessary training for security breach situations. The personnel should be equipped to: