About

Tuesday, July 11, 2017

Cyber crime and How to confront cyber crime in financial sector?

General words

Computers, the Internet, and other electronic medium are the tools that facilitate the instant exchange and distribution of data, images, and materials. The fraudulent activities of IT are termed as cyber-crime. It is also called as e-crime, hi-tech crime, account Hacking or electronic crime.

Cyber crimes in Banking Sector (Globally)

1. Stealing of personal information of >2.9 million credit card customers of Barclays and Santander Banks UK in 2013.
2. Missing $ 450,000 from the bank account of a Pennsylvania school district in 2008.
3. In 2009, Transfer of $3 million from a school’s account in New York. Some money was recovered. But $500,000 was withdrawn from the account before the transaction could be reversed.
4. Creation of fake debit cards and withdrawal of > $9 million from ATMs worldwide by breaching the U.S. payment processor's computer systems in 2009.
5. Huge cyber attacks hit on 13th May 2017 nearly to 100 countries with "Wanna Decryptor" malware which is called ransomware as well.
6. In 2002 the newly formed U.S. Internet Crime Complaint Center reported that more than $54 million dollars had been lost through a variety of fraud schemes; this represented a threefold increase over estimated losses of $17 million in 2001. The annual losses grew in subsequent years, reaching $125 million in 2003, about $200 million in 2006 and close to $250 million in 2008.



Read more... How to be performed the ATM skimming? How to secure your ATM card from it?

Classifications of Cyber Crime

Mr. Pavan Duggal, who is the President of cyber laws, the internet, and representative, in a report has honestly described the diverse categories and varieties of cyber crimes. Cyber crimes can be essentially divided into 3 fundamental categories-
1. Cybercrimes Against Persons.
2. Cybercrimes Against Property.
3. Cybercrimes Against Government.

1. Cybercrimes Against Persons.

Cybercrimes committed in opposition to people encompass diverse crimes like transmission of baby pornography, harassment of everybody with the use of a computer which includes the internet. The trafficking, distribution, posting, and dissemination of obscene cloth inclusive of pornography and indecent publicity constitutes one of the maximum critical Cybercrimes recognized today. The capacity harm of such a crime to humanity can infrequently be amplified. this is one Cybercrime which threatens to undermine the increase of the younger era as also leave irreparable scars and harm on the younger era, if now not managed.

2. Cybercrimes Against Property.

The second one category of Cybercrimes is that of Cybercrimes against all kinds of assets. Those crimes include laptop vandalism (destruction of others' assets), transmission of dangerous programs. A Mumbai-primarily based upstart engineering organization misplaced a say and lots cash inside the commercial enterprise while the rival enterprise, an industry predominant, stole the technical database from their computers with the help of a corporate cyber secret agent.

3. Cybercrimes Against Government.

The third category of Cybercrimes relates to Cybercrimes in opposition to authorities. Cyber terrorism is one wonderful kind of crime in this class. The increase of internet has proven that the medium of cyberspace is being used by people and companies to threaten the international governments as additionally to terrorize the residents of a rustic. This crime manifests itself into terrorism whilst a person "cracks" into a central authority or navy maintained a website.
The Act defines five cybercrimes damage to PC source code, hacking, publishing electronic information that's lascivious or prurient, breach of confidentiality and publishing false digital signatures.
The studies suggest PC crime poses a real chance. those who accept as true with otherwise simply have now not been weakened by the large losses and setbacks skilled by companies worldwide. money and highbrow belongings have been stolen, corporate operations impeded, and jobs lost because of computer crime.in addition, facts systems in authorities and business alike have been compromised. The economic impact of computer crime is mind-blowing (high-quality issue)



Read more... Data security

Reasons for Cyber Crime

“The concept of law” has stated ‘people are inclined so rule of law is needed to guard them’. Applying this to our cyberspace we can also say that computer systems are prone (able to attack) so rule of law is needed to shield and guard them in opposition to cyber crime. The motives for the vulnerability of computers can be said to be:
1. Potential To keep information In comparatively Small space-
The computer has the unique characteristic of storing records in a totally small area. This provides to put off or derive statistics either via physical or virtual medium makes it lots less complicated.

2. Easy to access

The hassle encountered in guarding a laptop system in opposition to unauthorized get entry to is that there may be every possibility of breach now not due to human mistakes however due to the complicated technology. with the aid of secretly implanted good judgment bomb, keyloggers that can steal get entry to codes, superior voice recorders; retina photos and many others. that could idiot biometric systems and bypass firewalls may be utilized to get past many a security system.
3. Complicated
The computers paintings on running structures and those operating systems, in turn, are composed of tens of millions of codes. The human mind is fallible and it isn't feasible that there won't be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the PC gadget.
4. Negligence
Negligence may be very intently connected with human conduct. It's miles consequently very probable that whilst defensive the PC device there might be any negligence, which in turn gives a cybercriminal to advantage get right of entry to and manage the PC device.
5. Loss of evidence
Lack of proof is a very not unusual & apparent hassle as all of the data are mechanically destroyed. The similar collection of information out of doors the territorial volume also paralyzes this device of crime investigation.

Prevention of Cyber Crime

1. Adequate ICT policy is the first thing. Govt has taken ICT policy 2016 in this regard. Financial Institutions especially Banks have the responsibility to develop their own policy which must be complied with ICT policy 2016. The majority of Banks are trying their level best.
2. Server Room's environment is a factor. Entry must be restricted. Only authorized person should be allowed.
3. Entry time & exit time of each person must be registered & checked daily.
4. Server or Client PC must be password protected. Windows & User password is necessary.
5. Regular backup of confidential data is necessary.
6. Password:
Password must not be- his/her name, his/her wife/husband name, birthday or any other person's name closely related to him/her. Password must not be written in any paper, computer or any other medium. Password must be a combination of Uppercase & Lowercase Characters, special characters, number- with at least 8 digits long. Password must be changed within 15 days; even weekly if possible. But pattern should be different.
7. Free/Pirated software should not be installed. Only license version is allowed. Application Software like- Facebook, Twitter etc is strictly prohibited.
8. There must be the precaution in case of using 3rd party software. 3rd party performance & trust must take in consideration.
9. Junk or Spam messages must be deleted regularly to avoid Spoofing & Spamming.
10. The firewall should remain active 24/7. Also checking any try of unauthorized access; if found blocking them immediately.
11. Strong serval lens system must be introduced; either in the form of CC Camera or others.
12. In the case of large transaction customer's positive pay instruction is necessary. That means the authenticity of the transaction must be taken in written or any other form from the customer.
13. Training is also a factor. The employee should be well trained about Changing threads.
14. Recruitment of IT Expert/Consultant necessary.
15. IT Audit must be executed on regular basis to check whether operations are going according to ICT policy also.
16. Cyber Attack Simulation is necessary also on regular basis. This will help in immediate response if any threat arises.
17. Building a moral value among the employee is necessary.
18. In the case of any negligence, proper punishment is a must; so that no one tries it further.
19. Customer awareness is also necessary. They must inform the bank/financial institution immediately in case of any illegal transaction from their account.
20. Higher management should also take proper steps in proper time to prevent or mitigate Cyber Crime thread.