Title: Report on recent breach at First Union Bank
Name: Sandeep K Reddy Udumala
Course: Information Security technology
Professor Name: Mr. Janos Mako
University: Northeastern University
Date: February 15, 2015 Deliverable #1 Hackers and their motives
This current generation of attacks, which includes the advanced persistent threats (APTs), is mainly focused on acquiring something valuable—sensitive personal details, intellectual property, authentication credentials, insider information, and the like. Skilled potential hackers tend to spread malicious bank Trojan viruses that allow remote access to a computer, manipulate a financial institution’s online information system, corrupt data, and impede the quality of an information
…show more content…
Their motivation is pure financial gain.
A data breach, one of the threat exists allows the information and data to go out from the banking system, making it viewable to others. Some of the examples of potential hazards and which remain the main motives of the electronic banking system are during on-line transactions, transferring funds, and minting electric currency, etc.
In a recent report published at the end of last year, it was found that Trojans had been used to target more than 1,400 financial institutions in 2014, with the top US banks being the main target.
The main reason these attackers pop is for the violation of system security is all about the money, challenges to intercept data, challenges with acquaintance, data breach, and poor authentication and authorization. These Hackers have an infinite amount of time to craft a new attack while blacklist-based security solutions only have a split second to react. If the attack is a zero-day exploit, it will bypass definition-based security, such as WAFs. The integrity of the system can also be affected, when these irresponsible people alter and changing the data information in the system, for example exchange a sum of money to their own account.
It is important to realize how the security aspects in a banking system can influence such
As mentioned by Kim Zetter (2015), Botnets have been around for more than a decade and have become one of the most popular methods attackers use to hijack machines and make quick money. The security industry estimates that botnets, over time, have resulted in more than $110 billion in losses to victims globally. An estimated 500 million computers fall prey to botnet attackers annually, which comes down to about 18 victims infected per second.
An APT or Advanced persistent threat is a group of people who are highly motivated (financially, politically or economically) working together, well skilled, and patient. They have advanced technical tool which is not available to other attackers. They use vulnerabilities revealed by the APT or APT sponsor that is not disclosed to anyone else hence it's very difficult to defend them. They're chronic and consciousness on exploiting one or more unique objectives instead of just any target of opportunity. APT use social engineering as a tool to get more details of those specific targets. APTs are either funded by Governments or adversaries as they need a lot of resources to go after any target. APTs are well organized as they could move after the easy objectives and avoid the comfortable networks. It goes after particular goals primarily based on what it desires to take advantage of from the ones targets. An APT might be willing to make investments months or years of time toward infiltrating and Compromising a desired goal. APTs might be military units, different government-sponsored entities, or beneath the control of nongovernmental actors, including organizations, activist agencies, or organized crime. Few examples in which
Each internal bank department relies on the other in order to provide great customer service. Some departmental dependencies can hinder the progress of the bank. The security issues and threats involved can include employees stealing money, vital information from other departments, employees allowing outsiders to infiltrate the departments and cause issues.
Wells Fargo had said that they open 1.4 million fake accounts but eventually it went up to 3.5 million fake accounts. Those accounts weren’t use by the customers. Wells Fargo company discovered that their employees were the reason behind the scandal by using unauthorized credit card and bank accounts from customers who wasn’t activity using them. Wells Fargo realize that this problem was dating back since the early 2000’s. Wells Fargo also had another scandal that involved 570,000 auto loan customers who were charged with insurance that they didn’t use which eventually resulted in repossessing cars of those customers. Wells Fargo was fined for 185 million dollars after Wells Fargo said that the employees had opened fake accounts. Wells
Three key things need to take place internal controls, strengthen financial reporting, and corporate governance.. For protection of the bank, there needs to be more than one sign on/log in into a system
By listening the word itself making many business and people getting afraid of it. Data breach is leaking security information of people or public using different means and which results in compromising the millions and millions of people credit and debit card information 's , health information 's ,Social Security numbers .From the year 2005 to 2014 the data breaches have been increased a lot .Due to this millions of
Online bank: Since this process is done by the internet, then various of threats can be caused.
-evaluate the impact of such a breach on the security of confidential information and on the infrastructure of the website.
Prevalent to the current trend now is the dependency of the society on Information technology and communication systems. Every aspect of human life is one way or the other linked and controlled by information technology tools. The importance of information technology cannot be over emphasized as its unavailability could lead to a form of disaster or the other. Pivotal infrastructures like finance, healthcare, education and security are driven by information technology. However, information technology and its benefits are accompanied by vulnerabilities and risks that can be exploited by people with the necessary technical skills. Individuals like ‘Hackers’ and ‘Cyber Terrorist’ can cause disruption to information systems, commit financial fraud and also attack computers and networks. These attacks and disruptions could result to violence against people and properties. In some cases, death, serious injuries and severe economic loss could occur as a result of these attacks.
Financial institutions work with a large amount of data, often sensitive information. The computer software banks use are quite complex, which makes them a target for fraud and
In the last decade it’s amazing how technology has advanced over the years and will continue to advance for many years to come. Every year there is a new cell phone from Apple or Samsung, with new features that make our lives more convenient. From faster software to higher picture quality and so on. I am unable to recall the last time I used a camera to take pictures or went to the bank to deposit a check. Technology advances every day and many can’t wait to see what’s next to come. But with new technology comes greater risk for violations of privacy. In the following research paper I will discuss the types of security breaches and the cost associated with these breaches that businesses around the world face on a daily basis.
Technological advancement has had a gigantic effect in the banking industry. Over the past few decades, the financial services industry has changed considerably with banking transforming from the pen and paper method to the computers and internet method. The pen and paper method took weeks or even months for the transaction to be eventually completed, and then the dramatic introduction of the computer and internet method which changed that time frame to only a matter of seconds to be completed, which reduced the amount of time and labor needed to complete a transaction significantly. Banking is considered one of the most important economic sectors with it being severely influential and responsive to any little change, whether it is domestic or international. Some extreme changes that were brought about by the development of this new technology turned into a globalized nature for the financial services industry. One stroke of a key on a computer could and would change a person 's life extensively or even have a global impact. The new technologies that were created and introduced changed how the consumers managed their money from that time on. Technology has helped to protect peoples’ hard earned money and make it much more impossible for people to be able to write out bad checks or even holding up a bank. The advancement in technology however, also came with some security risks as most things do, that could affect the money that people trusted with the bank and
There are many risks, some more serious than others. Some examples of how our computer and systems could be affected by a cyber security incident include manmade or natural disasters, improper cyber security controls, or malicious users wreaking havoc.
Advanced Persistent Threats: It includes basic malware, to targeted and state sponsored attacks which attempt to steal intellectual property
Data breaches are increasingly common as companies are faced with securing a multitude of networks, devices, applications, users, and files used in the course of conducting business. And with global workforces and the rise of cloud computing, security perimeters are more difficult to define than ever before. These issues combine to create a perfect storm – a climate ripe for hackers to take advantage of. (Lord, 2017) Below are the trending data loss trends to watch out for: