Security Breaches in Financial Institutions and Measures for Prevention

Security Breaches in Financial Institutions and measures for prevention

Abstract

Robbing a financial institution used to require a weapon and a car to run away. These days a financial institution can be hackedfrom anywhere in the world with a computer which is connected to internet.Millions of banking transactions occur onlineevery secondthroughout the world. Cyber-attacks can take place at any moment which may result in huge loss to bank.

As per the intelligence reports, Federal Bureau of Investigation (FBI) is now investigating the security breaches that happened at several US banks, including JPMorgan Chase, top most bank in united states. This paper describes about various security breaches that took place in different financial institutions and also discusses about how the breach happened and how it affected the bank and what steps did the financial institution took to continue their business. Providessuggestions to Financial Institutions and its employees which should be in their minds to protect the bank data. Also discussed about the future scope of the cyber hack in banking sector along with the cyber-attack statistics of the year 2014.

Introduction

The purpose of this paper is to examine the effects security breaches have on financial institutions and discover the steps financial institutions are taking to mitigate the hacker’s threat. The idea that the intrusions are roused by a yearning to take information that could be used for benefit, is more conceivable. There are many under world black markets in the world where hackers sell the stolen bank data andmake huge amounts of money and they do it quite easily which are not tracked by popular web browsers. I will conclude providing some suggestions to both individual users and financial institutions.

What is happening now?

There are numerous reasons as to why an individualor group would want financial information. The motive of a hacker or group of criminals varies from simply being malicious to creating disruptions in service such as a Distributed Denial of Service (DDoS) attack.

First they route huge amounts of traffic to organizations website which will make organization’s servers to become so overloaded and finally they crash. The organizations web site and servers will no longer work once the objective of the DDoS attack has been accomplished. Once the attacker got the access to organizations server then he steals all the data stored in the server and sells the compromised data for large amounts of data.

Once hackers steal the data and demand for money from an individual or an organization in order to restore the data where it belongs to, just like kidnapping. They may also threaten to destroy or sell the data unless they receive the payment. The hacker can use compromised data to spam, using bots or zombies without the end user realizing their vulnerability or without them knowing that any information has been compromised. Hackers use many strategies to take advantage of unsuspecting customers. A common technique used is claiming. When a customer log-in to his banking account they receive a prompt saying the banks certificate has been expired please click the link to enter your details and once the link is clicked it redirects to different page which does not belong to your bank and monitored by attackers it asks user to enter personal information along with login id and password by this the hackers have your accounts credentials.[1]