Cyber Security Report: Banking Sector Privacy and Security Issues

Verified

Added on 2020/05/16

AI Summary

This report delves into the critical cyber security challenges faced by the banking sector, emphasizing the increasing reliance on technology and the associated vulnerabilities. It examines privacy issues arising from online banking and data exchange, highlighting threats such as phishing, cross-site scripting, and pharming. The report analyzes data retention problems and the impact of malware on banking systems. It also explores the countermeasures employed by banks, including database encryption, data retention strategies, and the use of SSL. The report emphasizes the importance of continuous risk assessment and the implementation of effective security controls to mitigate fraudulent activities and protect sensitive customer data within the Indian banking system, referencing various academic sources to support its findings.

Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1CYBER SECURITY
Background about topic
According to Laudon and Laudon (2016), the use of technology in the modern world has
become very important in the business and especially in the banking sector. The banking sector
in the modern world is too much dependent on the use of technology so that it can help in
efficiently managing the bank accounts of the customers. The use of technology has also bought
some problems and challenges such as external threats that need to be dealt cautiously. The
researchers Reaves et al., (2015), was of the view that the increase in the cyber frauds along
with the unintentional acts of the employees have led to secure the data in a confidential
manner so that it cannot be used for misguiding activities. Most of the banks nowadays are
exposed to the risk of cyber attacks, as there may be security breach of the privacy of data due to
the various online modes of payments and the use of ATM cards. The number of attacks in the
financial services has increased by four-folds than the other industries that are operating on a
global manner.
Thesis statement
The major problem of the banks nowadays is to protect the data from the various
fraudulent activities that are taking place in the world recently. This paper will aim to discuss the
privacy and security issues that are faced by the banks with the change in the time so that it can
be counter measured in an efficient manner in retaining the data that are present with the banks.
Privacy Issues
In the contemporary period of internet banking communication has become easier along
with the exchange of huge set of data. That is why privacy concern is also important as no person

2CYBER SECURITY
can be trusted with the public networks without proper verification. Bhasin (2015) was of the
view that most of the banks are trying to tighten the grasp of security in their work mechanisms
so that the gaps between them can be filled properly. They are using the method of encrypting
the data with passwords, Secured Socket Layer (SSL) and the use of User Awareness Programs,
which might provide some resistance to the fraudulent activities that are being carried against the
banks.
Cyber Security attacks on banks
As per Thakur and Srivastava (2015), the challenges that are being faced by the banks
include the issues related to privacy, which includes the sharing of the information that is
personal in nature. The sharing of the information with the third parties allows them in
accessing the information of various personnel so that it can be used for the purpose of marketing
and the numbers on the cards can be derived without the consent of the user. The collection of
the personal data and information of the consumers will lead to blackmailing the people by the
fraudsters.
Venkatesh, Rathi and Patwa (2015) pointed out that another problem that is associated
with the cyber attacks on the banks is known as Phishing, which is an attempt that is made
to obtain the information that is sensitive in nature. The fraudulent activities will result in
getting access to the details of the credit card holder along with the passwords and usernames of
the consumers. This is commonly carried out by messaging on an instant manner along with the
spoofing that is done through e-mails. The access to the online information by the fraudsters will
help them in gaining access to the bank details from where the money can be transferred without
the knowledge of the consumers.

3CYBER SECURITY
Apart from this, Srivastava and Gopalkrishnan (2015) opined that there is another
problem that is known as cross site scripting (XSS), which is usually applied in the
application on the web where the injections of codes are done in the web pages of the users
so that it can be viewed by other users as well. This vulnerability is used by the fraudsters so
that it can help in exploiting the consumers by bypassing their information so that they can gain
the access to control their systems (Iibf.org.in, 2018).
Another problem as opined by Laudon and Laudon (2016) was that the banks are facing
is known as Pharming where the user will be redirected to a fake site when they try to
access an original site. This is done by changing the files that are present in the computer of the
host or by using the theory of exploitation by increasing the level of vulnerability in the DNS
server software.
Data retention problems in data security
Inukollu, Arsi and Ravuri (2014) argued that the acceptance of the challenges in the
security system by the banks are becoming more complex with the passage of time, as most
of the banks are trying to tighten their mechanisms of security with respect to the various
activities that are taking place against them. They are using different counter measures such
as anti-hacking and anti-key logging technology so that the data can be retained within the
system. These counter measures will help in securing the safety of the banks so that the use of
One Time Password (OTP) can be encouraged among the customers
(Banking.apacciooutlook.com, 2018).
Moreover, Roy and Venkateswaran (2014) were of the view that malware is another
software program that is used by the fraudsters so that they can change the computer

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4CYBER SECURITY
system without the consent of the owner or the user. It is inclusive of Trojan horses, worms
and viruses so that it can result in influencing the confidentiality and availability of the system of
banking. It has the ability to compromise the information within the system of banking so that it
can result in loss of millions of rupees from the banks. The use of this software can be done to
target the bank or the system of the user as well (Dsci.in, 2018).
Counter measures used by the banks
The banks are using the technology of database encryption so that it can prevent the
internal employees from using the sensitive data who have access to the databases. The use of
Transparent Data Encryption has helped the banks in encrypting the data within the database
system by applying an asymmetric or a symmetric approach so that the encryption key can be
used to store the master database of the banks (Thakur & Srivastava, 2015).
The Indian banks are also removing the unwanted data that are no longer being used
within the system so that it does not unnecessarily compromise the security of the data. The
retention and archiving the data will help the banks in ensuring that the data can be safely
stored within a dedicated environment (Reaves et al., 2015).
Kiljan et al., (2017) pointed out that they are highly encouraging in using the system of
SSL, which helps in establishing a secured connection between the client and the server. It works
by creating an encrypted link between the browser and the server and the information that is
sensitive such as the number on the credit cards can be secured with the use of SSL. The SSL
communication can be established in to the system if the server of the bank has a Certifying
Authority (CA), which constitutes of a pair of keys that is one public and private key each. There
exists a third key as well known as the session key, which needs to be exchanged between the

5CYBER SECURITY
browser and the server so that the connection can be secured between the private and the public
key.
Apart from these counter measures; Roy and Venkateswaran (2014) were of the view that
the banks have to assess the risks that they are facing on a continuous manner with respect to the
size, setup and the operations of business in an efficient manner. This will help in eradicating the
risks that may result in effective controls of the security and the threats of identity. These
loopholes can be measured and better designs can be implemented within the Indian banking
system so that it can help in keeping a check on the fraudulent activities that are happening
within the system (Ijcaonline.org, 2018).

6CYBER SECURITY
Reference List
Banking.apacciooutlook.com. (2018). Data Security And Privacy Concerns For The Indian
Banking Industry. [online] Available at:
https://banking.apacciooutlook.com/cxoinsights/data-security-and-privacy-concerns-for-
the-indian-banking-industry-nwid-44.html [Accessed 4 Feb. 2018].
Bhasin, M. L. (2015). Menace of frauds in the Indian banking industry: an empirical study.
Dsci.in. (2018). State of data security and privacy in the Indian banking industry. [online]
Available at: https://www.dsci.in/sites/default/files/DSCI%20-%20KPMG%20Banking
%20Survey%20Report%20-%20Final.pdf [Accessed 4 Feb. 2018].
Iibf.org.in. (2018). SECURITY AND PRIVACY ISSUES IN E-BANKING: AN EMPIRICAL
STUDY OF CUSTOMERS’ PERCEPTION. [online] Available at:
http://www.iibf.org.in/documents/reseach-report/Tejinder_Final%20.pdf [Accessed 4
Feb. 2018].
Ijcaonline.org. (2018). Challenges in Privacy and Security in Banking Sector and Related
Countermeasures. [online] Available at:
http://www.ijcaonline.org/archives/volume144/number3/zahoor-2016-ijca-910173.pdf
[Accessed 4 Feb. 2018].
Inukollu, V. N., Arsi, S., & Ravuri, S. R. (2014). Security issues associated with big data in
cloud computing. International Journal of Network Security & Its Applications, 6(3), 45.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7CYBER SECURITY
Kiljan, S., Simoens, K., Cock, D. D., Eekelen, M. V., & Vranken, H. (2017). A survey of
authentication and communications security in online banking. ACM Computing Surveys
(CSUR), 49(4), 61.
Laudon, K. C., & Laudon, J. P. (2016). Management information system. Pearson Education
India.
Reaves, B., Scaife, N., Bates, A. M., Traynor, P., & Butler, K. R. (2015, August). Mo (bile)
Money, Mo (bile) Problems: Analysis of Branchless Banking Applications in the
Developing World. In USENIX Security Symposium (pp. 17-32).
Roy, S., & Venkateswaran, P. (2014, March). Online payment system using steganography and
visual cryptography. In Electrical, Electronics and Computer Science (SCEECS), 2014
IEEE Students' Conference on (pp. 1-5). IEEE.
Srivastava, U., & Gopalkrishnan, S. (2015). Impact of big data analytics on banking sector:
Learning for Indian banks. Procedia Computer Science, 50, 643-652.
Thakur, R., & Srivastava, M. (2015). A study on the impact of consumer risk perception and
innovativeness on online shopping in India. International Journal of Retail & Distribution
Management, 43(2), 148-166.
Venkatesh, V. G., Rathi, S., & Patwa, S. (2015). Analysis on supply chain risks in Indian apparel
retail chains and proposal of risk prioritization model using Interpretive structural
modeling. Journal of Retailing and Consumer Services, 26, 153-167.