Rami Shehab,Abrar s.alismail,Dr. Mohammed Amin Almaiah,Dr. Tayseer Alkhdour,Dr. Belal Mahmoud AlWadi,Dr. Mahmaod Alrawad

DOI: https://doi.org/10.58346/jisis.2024.i3.010

2024-08-30

Abstract:Technology is important in all aspects of our lives, particularly in the banking sector. Advanced technologies resulted in a fundamental shift in the way banks operate. Malicious use of technology leads to security breaches, customer distrust, financial instability, and other forms of cybercrime. This paper focuses on the most important threats and challenges to be considered while interacting with banks and financial institutions. Significant number of literatures will be reviewed to identify the most common threats and attacks on banks and financial institutions sector, as well as appropriate mitigation techniques and countermeasures. This paper focuses on bank and financial services institution infrastructure vulnerabilities that are escalating attacks on the sector and affecting the banking system, individuals, and organizations. The security study in these 35 projects demonstrates how cyber intrusions continue to attack the financial sector due to the weakness of security defense and data containment. It turns out that malware attacks are the most common threats to banks and financial institutions. Sharing and exchanging information between banks and financial institutions, as well as best practices taken by bank cards issuers and users are the most effective mitigation techniques. Some previous studies proposed a successful model for mitigating the impact of threats on banks and financial institutions, as well as reducing risks that cannot be mitigated using current mitigation techniques. According to banks and financial services statistics and surveys, existing controls and laws do not provide appropriate security meet the banks and financial services institutions systems' demands and requirements.

Williams Haruna,Toyin Ajiboro Aremu,Yetunde Ajao Modupe

DOI: https://doi.org/10.48550/arXiv.2212.12307

2022-12-15

Cryptography and Security

Abstract:Cyber security threats to the payment and banking system have become a worldwide menace. The phenomenon has forced financial institutions to take risks as part of their business model. Hence, deliberate investment in sophisticated technologies and security measures has become imperative to safeguard against heavy financial losses and information breaches that may occur due to cyber-attacks. The proliferation of cyber crimes is a huge concern for various stakeholders in the banking sector. Usually, cyber-attacks are carried out via software systems running on a computing system in cyberspace. As such, to prevent risks of cyber-attacks on software systems, entities operating within cyberspace must be identified and the threats to the application security isolated after analyzing the vulnerabilities and developing defense mechanisms. This paper will examine various approaches that identify assets in cyberspace, classify the cyber threats, provide security defenses and map security measures to control types and functionalities. Thus, adopting the right application to the security threats and defenses will aid IT professionals and users alike in making decisions for developing a strong defense-in-depth mechanism.

Md. Hamid Uddin,Md. Hakim Ali,Mohammad Kabir Hassan

DOI: https://doi.org/10.1057/s41283-020-00063-2

2020-08-18

Risk Management

Abstract:In this paper, we provide a systematic review of the growing body of literature exploring the issues related to pervasive effects of cybersecurity risk on the financial system. As the cybersecurity risk has appeared as a significant threat to the financial sector, researchers and analysts are trying to understand this problem from different perspectives. There are plenty of documents providing conceptual discussions, technical analysis, and survey results, but empirical studies based on real data are yet limited. Besides, the international and national regulatory bodies suggest guidelines to help banks and financial institutions managing cyber risk exposure. In this paper, we synthesize relevant articles and policy documents on cybersecurity risk, focusing on the dimensions detrimental to the banking system's vulnerability. Finally, we propose five new research avenues for consideration that may enhance our knowledge of cybersecurity risk and help practitioners develop a better cyber risk management framework.

Nahid Joveda,Md. Tarek Khan,Abhijit Pathak

DOI: https://doi.org/10.5539/ijef.v11n10p54

2019-09-17

International Journal of Economics and Finance

Abstract:Cyberspace is a great media for exchanging information and data in the arena of E-banking. Banks are under pressure for the establishment of digitalization in its day by day operations to satisfy the clients' need. But the abuse of information technology has become a menace in the banking sector of Bangladesh. Concealing of original source and using advance technological solutions to transfer money illegally– the whole phenomenon is called Cyber laundering. This paper offers insights to increase an understanding of the nexus of corruption in banks, local economy and money laundering scandals. It examines the launderers' typology of crimes— both potential and real. Through this paper it is a small initiative to point out the national control mechanisms to deal with the issues of money laundering in banks. The research is based on accessible data from papers, journals, various reports, etc. The illicit flow of money through banks has created worldwide millions of dollar misfortunes. This paper focuses on creating a Cybersecurity system for detecting money laundering as it has become a threat to Bangladesh's economy. Are there any self-evident weaknesses in the financial framework that make it treatable efficiently? It is critical to acknowledge that how the security viewpoints in a financial framework can impact such unlawful exercises which are then lead to an extraordinary lost to the economic development.

Vitaliia Koibichuk,Tetiana Dotsenko

DOI: https://doi.org/10.21272/fmir.7(1).145-153.2023

2023-01-01

Abstract:Reliable cybersecurity has a decision value for economic and national security of every country. The financial sector is most susceptible to cyber-attacks, as it is one of the most important systems of society, containing a large amount of data and critical information. To provide reliable cybersecurity, government must participate actively in development and strengthening of policies. It includes establishment of rules and standards for business, creation of only national strategy of cybersecurity and participating in international partnership for an exchange advanced experience and resources. In addition, government must invest in cybersecurity tools, technology, and personnel to protect digital infrastructure and the data of citizens and companies. Finally, governments should prioritize cyber security education and awareness among citizens and companies to minimize the risk of digital attacks. The article provides a comprehensive bibliometric analysis of scientific publications devoted to the topic of financial cyber security using modern powerful bibliometric software (Vosviewer, Bibliometrix, SciVal) and an analysis of normative legislative documents of Ukraine and the European Union, in particular the recommendations of the European Union Agency for Cyber Security (ENISA). The bibliometric analysis made it possible to form groups of clusters characterizing the cyber lexicon, methods, and technologies for detecting cyberthreats, and to highlight the most cited publications in the world. The statistical basis for the analysis was formed by scientific publications indexed by the Elsevier reference and bibliographic corporation. The results of the conducted research are a plan of recommended actions for managers of financial institutions, banks, and enterprises regarding the effective organization of cyber security and includes such steps as: development of cyber security culture on an ongoing basis; appointment of a responsible person for the organization of cyber security; conducting cyber security audits on an ongoing basis; creating a data protection memo; provision of advanced training in the field of cyber data protection; ensuring effective interaction with a third party involved in financial relations, reflected in concluded contracts; formation of a response plan to cyber incidents; organization of secure access to automated information systems used in the institution’s operations; organization of device security in case of remote use and performance of professional duties; organization of network connection security; improvement of physical security of official documents and devices; protection of backup copies and testing for the possibility of a full update based on these backup copies; synchronization with cloud technologies in compliance with the provisions of regulatory documents; protection of websites, publication and distribution of up-to-date information on new types and types of cyber threats.

Liliya Z. Buranbaeva,,Aigul F. Akhmadieva,Guzel A. Musina,,

DOI: https://doi.org/10.47598/2078-9025-2024-2-63-100-106

2024-06-28

Vestnik BIST (Bashkir Institute of Social Technologies)

Abstract:The subject of the study is banking security. The purpose of the study is to identify the impact of economic crimes in the banking sector on ensuring economic security in the country in the context of growing digital risks. The objectives of the study are to consider the causes, dynamics, measures to prevent and combat crimes in the banking sector. The novelty of the study lies in the identification of factors and threats to banking security during the transition to a digital economy, digital data on economic crimes committed in the credit and banking system, the structure of economic security in the banking system and measures to ensure it are highlighted. The economic security system of a credit organization is based on the analysis of potential external and internal threats, their timely identification and forecasting, and the creation of a set of measures to prevent them. Crimes in the banking sector are a problem that has negative consequences for credit institutions, clients, and society as a whole. They are the causes of financial losses, decreasing of trust, and deterioration of the reputation of banks. Digital technologies (online banking, electronic payment systems, etc.), despite the existing advantages, create new problems and risks for the security and stability of the banking system. For the safety of banks and, accordingly, national security, it is necessary that law enforcement agencies, banks, economists and legislators respond quickly and effectively to unfavorable foreign policy and economic situations.

Ana Kovacevic,Sonja D. Radenkovic,Dragana Nikolic

2024-11-29

Abstract:The rapid advancements in artificial intelligence (AI) have presented new opportunities for enhancing efficiency and economic competitiveness across various industries, espcially in banking. Machine learning (ML), as a subset of artificial intelligence, enables systems to adapt and learn from vast datasets, revolutionizing decision-making processes, fraud detection, and customer service automation. However, these innovations also introduce new challenges, particularly in the realm of cybersecurity. Adversarial attacks, such as data poisoning and evasion attacks, represent critical threats to machine learning models, exploiting vulnerabilities to manipulate outcomes or compromise sensitive information. Furthermore, this study highlights the dual-use nature of AI tools, which can be used by malicious users. To address these challenges, the paper emphasizes the importance of developing machine learning models with key characteristics such as security, trust, resilience and robustness. These features are essential to mitigating risks and ensuring the secure deployment of AI technologies in banking sectors, where the protection of financial data is paramount. The findings underscore the urgent need for enhanced cybersecurity frameworks and continuous improvements in defensive mechanisms. By exploring both opportunities and risks, this paper aims to guide the responsible integration of AI in the banking sector, paving the way for innovation while safeguarding against emerging threats.

Cryptography and Security

Azeez Olanipekun Hassan,Sarah Kuzankah Ewuga,Adekunle Abiola Abdul,Temitayo Oluwaseun Abrahams,Monisola Oladeinde,Samuel Onimisi Dawodu

DOI: https://doi.org/10.51594/csitrj.v5i1.701

2024-01-09

Computer Science & IT Research Journal

Abstract:The paper review cybersecurity practices in banking, with a specific focus on Nigerian banks. Cybersecurity has become a paramount concern in the banking industry worldwide, given the escalating frequency and sophistication of cyber threats. This study provides an overview of the global landscape of cybersecurity in banking, with a specific focus on practices observed in Nigeria. The global banking sector is witnessing a surge in digital transformation, marked by the adoption of advanced technologies and online financial services. However, this digitization brings with it unprecedented cybersecurity challenges, ranging from data breaches and ransomware attacks to sophisticated financial fraud. Financial institutions globally are compelled to fortify their cybersecurity frameworks to protect sensitive customer information, ensure the integrity of financial transactions, and maintain trust in the digital financial ecosystem. Nigeria, as a key player in the African banking landscape, faces unique cybersecurity challenges and has developed distinct strategies to safeguard its financial institutions. This study explores the cybersecurity practices employed by Nigerian banks, considering regulatory frameworks, incident response mechanisms, and collaborative efforts with international cybersecurity entities. The analysis encompasses case studies illustrating real-world cyber threats and incidents in both global and Nigerian banking contexts. It investigates the effectiveness of cybersecurity measures implemented by Nigerian banks, shedding light on the nation's response to evolving cyber risks. Furthermore, the study delves into collaborative initiatives between Nigerian banks, regulatory bodies, and international cybersecurity organizations to enhance information sharing, threat intelligence, and collective defense mechanisms. It also explores the role of public awareness campaigns in fostering a cyber-resilient banking environment. The insights provided aim to contribute to the collective understanding of cybersecurity challenges in the global banking sector while offering a nuanced perspective on Nigerian practices. As digital financial ecosystems continue to evolve, the findings underscore the importance of ongoing adaptation, collaboration, and innovation in safeguarding the integrity and trustworthiness of banking systems, both on a global scale and within the Nigerian context. Keywords: Cybersecurity, Banking, Global Perspective, Nigerian, Cybersecurity, Artificial Intelligence.

Efijemue Oghenekome Paul,Obunadike Callistus,Olisah Somtobe,Taiwo Esther,Kizor-Akaraiwe Somto,Odooh Clement,Ifunanya Ejimofor

DOI: https://doi.org/10.5121/ijsc.2023.14301

2023-08-27

International Journal on Soft Computing

Abstract:As the financial sectors in the United States deal with expanding cyberthreats and a rising danger of financial crime, cybersecurity has become a top priority. This paper examines the crucial cybersecurity techniques used by financial institutions to protect client information and counter the growing risk of financial fraud. It proves that understanding common fraud tactics used to defraud financial institutions and customers, putting fraud detection and prevention techniques like anomaly detection and machine learning into practice, and using transaction monitoring and anti-money laundering tactics to spot and stop fraudulent activity are all necessary for preventing financial fraud. The paper begins by reviewing the common cyber dangers affecting the financial industry and the strategies used by cybercriminals to circumvent security precautions and take advantage of weaknesses. After looking at potential risks, the paper highlights the importance of proactive cybersecurity measures and risk mitigation techniques. It highlights crucial components of cybersecurity frameworks, including strong data encryption, multifactor authentication, intrusion detection systems, and ongoing security monitoring. This paper also emphasizes the value of educating and training financial institution staff members to increase cybersecurity resilience. It underlines the significance of building a strong security culture, educating personnel about potential dangers, and encouraging responsible management of client data. The study also explores the advantages of financial organizations working together and exchanging threat knowledge. It examines industry alliances, information-sharing platforms, and public-private partnerships as crucial methods for group protection against cyber threats. This paper highlighted the significance of artificial intelligence and machine learning in cybersecurity domain. It demonstrates how these technologies improve cybersecurity systems' capabilities by spotting irregularities and potential attacks. It emphasizes the significance of taking a proactive and dynamic strategy to securing client information and maintaining faith in the United States’ financial sectors. Overall, this paper provides a thorough overview of cybersecurity tactics crucial for protecting consumer data and avoiding financial fraud in the financial sectors across the United States. By taking a vigilant, team-based, and technology-driven strategy, financial institutions may strengthen their cyber defenses, protect the data of their clients, and defend the integrity of the financial system.

Jae Kwon Bae,Gwang Heon Hong,

DOI: https://doi.org/10.38115/asgba.2023.20.6.133

2023-12-31

The Academic Society of Global Business Administration

Abstract:In the era of digital financial innovation, the importance of financial security is being emphasized day by day as the financial sector expands its use of technologies such as the Internet of Things(IoT), Cloud, BigData, and Artificial Intelligence(AI). Financial security refers to Fintech security and involves establishing and operating an integrated security control system against cyber threats that take advantage of security vulnerabilities resulting from the introduction of innovative technologies, responding to intrusion incidents, and analyzing and assessing vulnerabilities. In particular, security risks are emerging as cloud services are utilized throughout the financial industry, and financial security control and abnormal financial transaction detection are being advanced by applying AI technology. Additionally, in the financial sector, data security and information protection are emerging as very important issues in the era of the MyData platform. As the MyData service expands, where a large number of personal information is concentrated in one place, the threat of personal information infringement due to indiscriminate information collection and service hacking is also increasing. Accordingly, it is necessary to strengthen personal information protection within the MyData service and increase awareness of cyber security and financial security. Against this background, this study first examines changes in the security environment of the financial sector (internal control and abnormal financial transaction detection) and the components of the integrated security control system. Next, we would like to derive security threats to the financial sector such as phishing and smishing using social engineering techniques, authentication information theft, Ransomware, Emotet, Soggolish, BEC, and TOAD. Lastly, in relation to cyber security policies in the financial sector, we would like to discuss countermeasures against Ransomware in the financial sector, plans to build a next-generation financial security control system, MyData information protection and information security, and the applicability of the Zero Trust model in the financial sector.

English Else

DOI: https://doi.org/10.33140/aurdp.01.01.02

2024-02-27

Abstract:Background: Cyber Security is to protect online data and software from cyber threats. These cyberattacks are typically intended to gain access to, change, or delete sensitive information; extort money from users; or disrupt regular corporate activities. It is difficult to keep up a regular follow up with new technologies, so it is necessary to keep the important data safe from cyber threats. There are many types of cyber threats, malware, ransomware, social engineering, phishing etc. To prevent cyber-attacks one can, use password manager tools like LastPass and others. People also use two factor authentication for double security on their accounts. Methods: Boards such as the National Institute of Standards and Technology (NIST) are developing frameworks to assist firms in understanding their security risks, improving cybersecurity procedures, and preventing cyber assaults. The fight against cybercrimes and attack, organizations needed a strong base there are 5 types of cyber securities: Critical Infrastructure Security, application security, network security, cloud security and (IoT) Security. In the modern time the US is highly based on computers and on different software, so it is really important for the US to be more conscious about the security as they get many threats almost every day for hacking their data and accounts. Results and Conclusion: Nowadays, even small businesses rarely recover their loss from the cyber-attacks and many back-off from continuing their businesses after being target of hackers. The first cybercrime attack was recorded in 1988 by a graduate student. Now that large companies and even small businesses are aware of cyber-attacks, they try their best to take every precaution to prevent hacking with double security and password manager tools.

Sergey V Shkodinsky,Moscow 127006 Financial Research Institute,Mihail N Dudin,Daler I Usmanov,Moscow 117418 Market Economy Institute,Sergey V. Shkodinsky,,Mihail N. Dudin,Daler I. Usmanov,,,

DOI: https://doi.org/10.31107/2075-1990-2021-3-38-53

2021-06-01

Financial Journal

Abstract:The relevance of the topic of this scientific article lies in the need for a theoretical and practical study of the problem of escalating numbers and quality of cyber threats and attacks committed against institutions of the Russian financial system, implying their safe and sustainable development being ensured in Industry 4.0. The purpose of the article is a comprehensive analysis of cyberthreats facing the national financial system of the Russian Federation in the context of economy digitalization. The subject of scientific research is the processes of ensuring national security of the Russian Federation’s financial system in the digital economy. In the process of research, the authors relied on general scientific methods (observation, comparison, measurement, analysis and synthesis, as well as logical reasoning), specific scientific methods (static analysis, expert assessments, and graphical method), and the foresight method. The validity and reliability of the results of scientific research are ensured by the correctness and rigor of the logic and research scheme construction. Scientific and practical research of Russian and foreign scientists in the field of cybersecurity, digital economy and public administration was used as a methodological and fundamental basis of the study. Various approaches to key categories—digital sovereignty and cyberwar—have been systematized, and it has been established that the most pressing financial challenges and threats to the digital economy of the Russian Federation are as follows: hacker attacks, financial sabotage in the financial market, design and launch of social engineering trojans, infrastructure attacks on IoT (Internet of Things) networks, and sale of hacker tools with open source. The authors have analyzed the number and quality of cyberattacks on domestic financial institutions in 2016–2020; summarized the losses caused by cyberattacks to financial institutions; and identified the main scenarios for the development of cyberthreats and cyberattacks for the national financial system. As the main conclusion, the authors determine that further elaboration of the issues of ensuring financial institution cybersecurity in the digital economy requires justification and implementation of specific programs and activities carried out both by commercial banks within the framework of individual strategies for ensuring digital security, and by authorities and management with positions of ensuring the digital sovereignty of the state.

Danial Javaheri,Mahdi Fahmideh,Hassan Chizari,Pooia Lalbakhsh,Junbeom Hur

DOI: https://doi.org/10.1016/j.eswa.2023.122697

2023-12-04

Abstract:The rapid evolution of the Smart-everything movement and Artificial Intelligence (AI) advancements have given rise to sophisticated cyber threats that traditional methods cannot counteract. Cyber threats are extremely critical in financial technology (FinTech) as a data-centric sector expected to provide 24/7 services. This paper introduces a novel and refined taxonomy of security threats in FinTech and conducts a comprehensive systematic review of defensive strategies. Through PRISMA methodology applied to 74 selected studies and topic modeling, we identified 11 central cyber threats, with 43 papers detailing them, and pinpointed 9 corresponding defense strategies, as covered in 31 papers. This in-depth analysis offers invaluable insights for stakeholders ranging from banks and enterprises to global governmental bodies, highlighting both the current challenges in FinTech and effective countermeasures, as well as directions for future research.

Cryptography and Security,Artificial Intelligence

M. N. Dudin,S. V. Shkodinsky

DOI: https://doi.org/10.26794/2587-5671-2022-26-6-52-71

2022-12-29

Abstract:The goal of the study – development of specific methodical reasoned proposals on improvement of the mechanism for ensuring sustainable development of the national banking system and its security against external challenges and threats to cyberspace. The scientific novelty consists in a comprehensive analysis of the processes of ensuring the cyber stability of the Russian banking system in the context of escalation of external challenges and threats to the digital economy. The authors used the following methods: general scientific (observation, comparison, measurement, analysis and synthesis, logical reasoning method), specific scientific (static analysis, peer review, graphical method). In the article conducted a critical review of domestic and foreign scientific literature and practical recommendations to ensure the protection of the banking institution from cyber threats in the digital economy; presented a comparative analysis of the organization of the cybersecurity system in the Russian and foreign banking systems; done multidimensional statistical analysis of cyber threats for Russian banks; substantiated recommendations and proposals on organizational, economic and legal improvement of the system of protection of Russian banks from internal and external cyber threats. As a result , it is shown that the main problem points (zones) of the banking system, creating the prerequisites for the occurrence of cyber-risks are: 1) there is no exchange of information on cyber-attacks and their mechanisms; 2) banks interact inefficiently with the state regulator of Internet – Roskomnadzor; 3) low level of competence of bank employees who are responsible for cybersecurity; 4) limited budget of small and medium-sized banks that wouldn’t allow them to care independent cyber-protection units; 5) growing popularity of new fintech services and new fintech companies. The author draws a conclusion that the following measures are necessary for organizational, economic and legal improvement of the system of protection of Russian banks from internal and external cyber threats: the processes of development of banking ecosystems should be intensified; a federal interbank register of cyber fraudsters must be created; a single banking «polygon» for testing cyber threats needs to be developed.

D.A. Kurmanova,D.R. Sultangareev,L.R. Khabibullina,,,

DOI: https://doi.org/10.17122/2541-8904-2020-2-32-82-91

2020-01-01

Bulletin USPTU Science education economy Series economy

Abstract:Cyber incidents continue to move up in the rating of possible threats and occupy the second position in the ranking of risks in the activities of companies (40 %). Five years ago, they were on the fifteenth line. Like a natural disaster or pandemic, a cyber attack can have a negative impact on hundreds of companies, and the number of such incidents is growing. So-called "cyber incidents",when hackers interfere with the activities of a large number of companies, using the dependencies of their shared Internet infrastructure, occur more often. This reflects the fact that today's world of risk management is more volatile than ever. At the same time, with the upcoming entry into force of the General data protection regulation (GDPR), which has been in effect throughout Europe since may 2018, the prospects of imposing more and larger fines on companies that do not comply with it have already become real. Actions taken by the company in light of a data integrity violation directly affect the final cost of such a violation. Reputational damage is inevitable if the response to a cyber incident is inadequate. New risks require new tools to respond to their potential impacts and mitigate them. This article discusses the possible risks of financial technologies, draws attention to cyber threats, the frequency of which is increasing, and offers a model for identifying and evaluating cyber risks.

Kutub Thakur,Meikang Qiu,Keke Gai,Md Liakat Ali

DOI: https://doi.org/10.1109/cscloud.2015.71

2015-11-01

Abstract:Cyber security has been used interchangeably for information security, where later considers the role of the human in the security process while former consider this as an additional dimension and also, focus person has a potential target. However, such discussion on cyber security has important implication as it focuses on the ethical part of the society as a whole. To address the issue of cyber security, various frameworks and models have been developed. It also introduces the concepts of cyber security in terms of its framework, workforces and information related to protecting personal information in the computer. This paper reviews these models along with their limitations and review the past techniques used to mitigate these threats. Furthermore, the report also provides recommendations for future research.

Morshadul Hasan,Ariful Hoque,Thi Le

DOI: https://doi.org/10.3390/fintech2030028

2023-07-19

FinTech

Abstract:At present, with the rise of information technology revolution, such as mobile internet, cloud computing, big data, machine learning, artificial intelligence, and the Internet of Things, the banking industry is ushering in new opportunities and encountering severe challenges. This inspired us to develop the following research concepts to study how data innovation impacts banking. We used qualitative research methods (systematic and bibliometric reviews) to examine research articles obtained from the Web of Science and SCOPUS databases to achieve our research goals. The findings show that data innovation creates opportunities for a well-developed banking supply chain, effective risk management and financial fraud detection, banking customer analytics, and bank decision-making. Also, data-driven banking faces some challenges, such as the availability of more data increasing the complexity of service management and creating fierce competition, the lack of professional data analysts, and data costs. This study also finds that banking security is one of the most important issues; thus, banks need to respond to external and internal cyberattacks and manage vulnerabilities.

Darius Moldovan,Simona Riurean

DOI: https://doi.org/10.33847/2686-8296.4.2_1

2022-12-28

Journal of Digital Science

Abstract:The internet has become more or less, for most of us a dangerous place to live, work and relax when no proper measures are taken, and the response to incidents is not very clear and well implemented, both for organizations and individuals. This paper makes a short overview of current types and incidents of cyber-attacks, as well as the current state of threats, and the grade of awareness worldwide. Some methods to prevent cyber-attacks, malware analysis, and threat hunting, are presented, too. The paper also contains an application developed with a series of APIs that link the application to open-source tools and activate them, hence analyzing the content of the possible malicious files.

DOI: https://doi.org/10.54060/a2zjournals.jase.42

2024-01-01

Abstract:Due to the quick development of technology, the digital age has brought with it ad-vantages never before seen, but it has also opened the door to a flood of new cyber security concerns. This study offers detailed analysis of the cyber threat environment in the digital era along with suggestions for doable protective measures. The report outlines a number of cyber threats, including malware, phishing scams, ransomware, and insider threats. It looks at the continually evolving tactics employed by cyber-criminals, such as social engineering, zero-day flaws, and sophisticated persistent threats. The growing hazards associated with cutting-edge technology, such as the Internet of Things (IoT), cloud computing, and artificial intelligence, are also exam-ined. The importance of a multi-layered security strategy to counter these attacks is emphasized in the article. Among the important preventative measures that are presented are robust network security, secure coding methodologies, user awareness training, encryption, access controls, and incident response planning. It also high-lights how crucial it is for people, businesses, and governments to collaborate in or-der to confront cyber risks. By using the recommended solutions and promoting a culture of cyber security awareness, people and organizations may navigate the dig-ital age with confidence and protect themselves from the continuously evolving environment of cyber risks.

Anirban Pathak,Rishi Dutt Sharma,Dhananjoy Dey

DOI: https://doi.org/10.48550/arXiv.1804.03910

2018-04-11

Cryptography and Security

Abstract:With the advent of e-commerce and online banking it has become extremely important that the websites of the financial institutes (especially, banks) implement up-to-date measures of cyber security (in accordance with the recommendations of the regulatory authority) and thus circumvent the possibilities of financial frauds that may occur due to vulnerabilities of the website. Here, we systematically investigate whether Indian banks are following the above requirement. To perform the investigation, recommendations of Reserve Bank of India (RBI), National Institute of Standards and Technology (NIST), European Union Agency for Network and Information Security (ENISA) and Internet Engineering Task Force (IETF) are considered as the benchmarks. Further, the validity and quality of the security certificates of various Indian banks have been tested with the help of a set of tools (e.g., SSL Certificate Checker provided by Digicert and SSL server test provided by SSL Labs). The analysis performed by using these tools and a comparison with the benchmarks, have revealed that the security measures taken by a set of Indian banks are not up-to-date and are vulnerable under some known attacks.