5. [12 marks] Banks have long been targets for criminals and now with the prolif

Question

5. [12 marks] Banks have long been targets for criminals and now with the proliferation of online banking it has become even more difficult for banks to protect their assets. Most experts consider people to be the weakest part of security systems so social engineering is being used more often to illegally access the assets of a bank. Find a recent example (within 1-2 years) of a cyberattack on a bank that involved social engineering and describe it in about 500-700 words. Be sure to explain the nature of the attack, who was involved, what was damaged, who perpetrated the attack (if known), cost of the attack in monetary and societal terms. What could have been done to prevent (or lessen) the attack. What lessons can be learned from this attack. Be sure to provide at least three good references for your information.

Explanation / Answer

Banks have always been target for the cyber criminals and all other groups also because there is so much money and data will be there in banks.

The recent bank attack which i am going to discuss is Qatar National Bank. Although almost all the banks in middle east region are facing highest factor of cyber attacks with so many advanced social engineering attacks.

The most form of attack is happening in this region is by sending the malicious files in mails. This was discovered by Dynamic Threat Intelligence team that first users will get the malicious micro excel or word document with some interesting information like contacts or other. Whenever the users open that mail the virus in that mail makes the sensitive information will be copied or send to attacker's.

If the users get that information in mail as interesting then they send that mail to some other users. So that to breach the information it makes much easier for the attacker.

The same thing was happened in the Qatar National Bank last year. Data around 1.4 gb of customer information containing names and account numbers was copied into online in some file Sharing website though it was quickly identified and taken offline 1.4 gb was copied.

This has been done by Turking group named as Turkish Bozkurt Hackers. This group also claimed that they breached UAE based bank also.

This group main aim is to demand the money from the banks. They sent threat messages that the data would be posted in online if their demands was not met.

Even though none of the more information is made public by the officials and they kept all the other information secretly saying no damage was happened and the criminals was arrested.

Inorder to prevent this types of attacks I it is much needed that the employees in banks can't open the E-mails from unknown senders and without being scanned with anti virus they can't open the attachments.

Related Questions

Navigate

• Browse (All)
• Browse 5
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.