ABCXYZ Bank Case Study: Cyber Security Breach and Its Ramifications

Verified

Added on 2023/02/02

AI Summary

This case study examines a cyber security breach at ABCXYZ Bank, where hackers stole confidential client data and proprietary documents, publishing some to damage the bank's reputation. The report focuses on the legal and regulatory responsibilities of the bank, including the application of cyber security measures like cryptography and firewalls to protect sensitive information. It explores the roles of different types of hackers, the importance of data protection, and the relevant legislation such as the Communication Act 2003 and the Data Protection Act 1998. The case study highlights the ethical and professional responsibilities of the bank's management, particularly in their response to the breach, and the impact of such incidents on financial firms, referencing examples like the JP Morgan Chase cyber-attack. The conclusion emphasizes the importance of implementing robust cyber security measures to safeguard confidential data and maintain customer trust.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

BANKING SYSTEM
BREACH CASH STUDY

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

INTRODUCTION
Cyber security is used to refer to security that is offered through online services in
order to protect online information or any confidential data or information which includes
banking account statements, account number, personal information, credit card number and
recent transaction done by any individual number. All wrongful act that committed on
computer system, internet or network are known as cyber-crime. Hackers are those who uses
advance computer technology in order to gain unauthorized access of personal data or
information, business trade secrets and exploit the reputation of banks or business for
revenge. They use their skills for reaching specific goals and objectives which includes
stealing money, gaining fame by bringing down computer system and making network
unavailable. In context with the banking system breach case study, unknown hackers has
broken down the bank’s security system and has stolen confidential data about many clients.
They have published some stolen data in order to gain frame and damage bank’s reputation.
This report is mainly emphasis on the legal and regulatory role and responsibilities of bank.
This report also covers about the ethical and professional responsibilities of bank.
Cyber security is concerned and associated with the security of cyber space that is
somewhere included with both virtual ones as well as physical places. It also involves with
security entities that is used or rely on cyber space. Cyber security main duty is to ensure all
the roles and responsibilities that is legally implemented to provide security. Nothing is crime
unless it is prescribed by law, but most of the crime are beyond the research of laws.
Recently, only the legislative obligations for the cyber security is established under the
section 105A of the Communication Act 2003.
Security provision of the Data Protection Act 1998 has been enforced by the ICO in
order to include cyber space. It assign and contain appropriate duties for cyber security in
order to protect and conserve personal data and information from cyber security
vulnerabilities which includes cyber-crime by hackers. The Financial Conduct Authority is
highly active to order to regulate and control personal confidently data security by using its
power and rights under the Financial Services and Markets Act 2000. Now new laws and
legalisation are implemented that is associated Cyber Security Directive. It will create a legal
duty for cyber security for different market operators, banks as well as various public
administrations. This will help them to take and implement appropriate technical and
appropriate measures in order to manage, control and monitor the risks that is posed to

security along with security of the network and information system. Moreover, new national
regulation for cyber security is appointed with competent enforcement powers to identify the
threats, risks and incidents that is associated with breach or cybercrime. The main motive of
the Directive is to ensure about the levels of network along with network of information
security (Singer and Friedman, 2014).
There are many cases found in context with hacking attack on financial firms. One of
the huge cyber-attack was found on JP Morgan Chase, it has touched and damaged around 83
million households and business. The main question after this incident was that who were the
hackers and what was the strategy used by them to attract financial firm. The hackers was
found to be operating through Russia, hackers burrowed into the digital network of bank and
then they went down a path that allows them to illegally access the information and data
about the names, addresses, contact numbers and email- address of the account holders
(Goldstein, Perlroth, and Sanger, 2014) Hackers were having the aim to access critical
financial information by bank security was able to manage it through advance security
technology. There are three types of hackers which mainly involves as black hat hackers,
white hat hackers and grey hat hackers. Black hat hacker are those who uses their skills to
steal money, confidential data or information, put down computer system or even destroy
them. White hat hacker are known as ethical hacker, they generally hacks for any
organisation or company for defensive purposes as they are given special permission with
limits on what to hack and what not to do in network system. Grey hat hackers act as the
blend of both white hat hackers and black hat hackers.
In order to provide proper security to clients, banks should implement cryptography
has it plays crucial role in the banks and other financial service firm. Cryptography
implementation allows to get ensure about various important data transactions that are
processed securely. It makes the message unreadable to any every person except to legitimate
user who is having the encryption and decryption key (Roy and Venkateswaran, 2014).
Cryptosystem deals with encryption and decryption process along with this it is involves with
the methods of hiding confidential data and information with the help of keys. The whole
process of cryptography involves with the encryption and decryption in which encryption is
the process in which plain text data is converted into unreadable text which is termed as
cipher text and then decryption process take place in which unreadable text is transformed
back to its original normal form. Banks uses cryptography methodologies in order to preserve
confidential information about client account along with save and secured online transactions.

Moreover, firewalls are used by the banks in order to provide security to protect and preserve
confidential data and information of the clients. The firewalls is defined as a software or
hardware that allows only external user with specific characteristic or specification to access
information given to users one selective basis such as IP address, domain name, password
and protocol etc. Firewalls works by establishing barrier between the secured network and
external network (Shekhawat and Sharma, 2011).
CONCLUSION
It is found that in order to keep confidential data or information secure from hackers,
cyber security measures should be taken which includes cryptography, firewalls etc. It is also
concluded that cyber security is used to provide security in order to protect online
information or any confidential data or information which includes banking account
statements, account number, personal information and credit card number.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

REFERENCES
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers &
security, 38, pp.97-102.
Randazzo, M.R., Keeney, M., Kowalski, E., Cappelli, D. and Moore, A., 2005. Insider threat study:
Illicit cyber activity in the banking and finance sector (No. CMU/SEI-2004-TR-021). Carnegie-Mellon
Univ Pittsburgh PA Software Engineering Inst.
Ula, M., Ismail, Z. and Sidek, Z.M., 2011. A Framework for the governance of information security in
banking system. Journal of Information Assurance & Cyber Security, 2011, pp.1-12.
Singer, P.W. and Friedman, A., 2014. Cybersecurity: What everyone needs to know. Oxford
University Press.
Shekhawat, N.S. and Sharma, D.P., 2011. Cloud Computing Security through Cryptography for
Banking Sector. In Proceedings of the 5th National Conference.
Roy, S. and Venkateswaran, P., 2014, March. Online payment system using steganography and
visual cryptography. In Electrical, Electronics and Computer Science (SCEECS), 2014 IEEE Students'
Conference on (pp. 1-5). IEEE.
Goldstein, M., Perlroth, N. and Sanger, D.E., 2014. Hackers’ attach cracked 10 financial firms in major
assault. The New York Times.