Nowadays people are very much dependable on the banks to store their money as they also give them interest in return. Most of the companies are now providing salaries to their employers by transferring money to their bank accounts only.
That is why banks are the only way to interchanging of currency by one person to other person.
That is why banks developed internet banking, mobile banking, USSD banking so that their members can easily exchange money with any third person without giving any kind of cheques or cash in hand (which usually takes 3-4 days to be processed) instead by internet-based banking the money is transferred in real time (i.e, IMPS ) So most of the people started using internet banking.
However that was not only the solution for it. It also attracted hackers and crackers attention towards steal money by hacking the payment gateway of bank with is used to transfer money as a result many cases appear of customers complaining that their money is deducted from their Account but, their order is not placed on e- commerce website instead from that ₹xyz money deducted from account for purchasing nothing.
Even nowadays in india ATM’s are running on windows XP or even low ( i thinks) that is even too easy to hack for a hacker. As a result most of the news come into observations that money from a ATM hacked at night or a ATM hacked by a hacker if anyone comes and withdraw money it will not come out and person thinks its ATM fault but hacker comes after some time do something to atm and withdraw the money that person have withdrawn.
That is why banks need cybersecurity.
-: Recent attacks on banks:-
In july 2017 Italy’s top bank UniCredit has been targeted in huge attack in Largest banking security in Europe last year.
In that Biographical and loan data of 400,000 customers was stolen in the hack.
Daniele Tonella, CEO of UniCredit Business confirmed the bank immediately blocked the hackers, closed all breaches and upgraded the system.
The bank said that the security breach took place via an “Italian external trade partner”.The bank will contact affected customers and has pledged to upgrade its IT systems in a £2billion project.
Why are banks vulnerable towards cyber attacks?
Banks are most vulnerable towards cyber attacks because this is only platform where hackers can get money when they hack someone’s account or full bank’s data. They are getting paid for doing this.
Even everything is attached to bank account if, you are going for lunch in restaurant, paying for petrol, using e-wallets, internet banking, mobile banking all these require you to have a bank account and a credit/debit card which contains a the information.
-:The intention of the attackers:-
1) For financial gain:-
Cyber attacks for financial demands, modern way to take blackmail this can affect organisation of all sizes or any individual as well. There are many variations – for eg. Hacker take over a person’s computer and freeze it, then they say to the person to give them money to make it work again.
Another variation lead to a recent case where guests at a hotel in Austria were prevented from entering their rooms until a ransom had been paid – the hotel is reportedly removing electronic locks accessed with cards and reverting to old-fashioned keys!
2) To make political point:-
Many businesses may feel that they are unlikely to be a target for political or social hacktivist, though it is well to be aware that the targets of these attacks vary greatly. If someone objects to your operations, you could find yourself at the wrong end of a hacktivist attack.
-:Impacts of such attacks:-
In Late 2016, cyber-criminals hacked Tesco Bank’s online banking computer system and transferred £2.5m from the current accounts of 9,000 customers.
ATM and point of sales (POS) attacks continued to increase in 2016.
Attackers were able to install the ATMitch malware on multiple ATMs, and cash out at least $800,000.
-:How can banks prevent cyber attacks:-
Banks should reach their customers and tell them about malicious apps that can steal their personal data. Malicious apps is not only a problem found on third-party app stores. We still see infected apps appear on the official Google Play Store now and then. For example, in February 2017 an Android Fakebank variant disguised itself as a weather application called “Good Weather” on the official Google Play Store and was downloaded by approximately 5,000 users.
Monitor and block malicious traffic on the endpoint with Symantec Endpoint Protection or in the network with Symantec Secure Web gateway.
*Advance antivirus engine:-
Symantec uses an array of detection engines including an advanced signature-based antivirus engine with heuristics, just-in-time (JIT) memory scanning, emulator, advanced machine-learning engines and reputation based detection. This allows the blocking of sophisticated threats, including directly in memory executed threats, at various layer.
*In addition, users should adhere to the following advice to reduce the risk of cyber attacks:
- Exercise caution when conducting online banking sessions, in particular if the behavior or appearance of your bank’s website changes.
2) Exercise caution when receiving unsolicited, unexpected, or suspicious emails.
3) Keep security software and operating systems up to date.
4) Enable advanced account security features, like 2FA and login notification, if available.
5) Use strong passwords for all your accounts | Always log out of your session when done.
6) Monitor bank statements regularly.
7) Notify your financial institution of any strange behavior while using their service.
8) Be wary of Microsoft Office attachments that prompt users to enable macros.
(by : Devesh Pratap Singh)