Cybersecurity in Banking

From SI410
Revision as of 09:05, 27 March 2020 by Zhaostan (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

With the wide application and development of network and the internet, the internet has become an open network, public site on the bank transaction server, and the deal many high sensitivities of the information stored on the server.[1] The virus spread through the way such as Internet and E-mail, and spread faster and wider and more dangerous. Especially with the emergence of code red, Nimda and other hybrid threats, it has launched a serious challenge to the cybersecurity in banking. As the banks are considered a sensitive department, to ensure the security of the network system, it is more necessary to strengthen the detection and elimination of cybersecurity attacks and threats.

Therefore, how to ensure the safety of the online trading system of the banks is the most crucial problem in the construction of online banking. The bank transaction server requires a higher level of security, and the security server is greatly dependent on the safety of the operating system. Unfortunately, whether the widely used UNIX or Windows operating system, its security level is not enough. Problems include the degree of access control, existent of superuser security vulnerabilities, and several other fatal problems of the operating system. Online banking system makes bank internal network to become publics to the general internet, but the currently existing online banking system protection is not strong enough, making it possible for the criminals to destroy the bank internal applications or breakthrough into the internal network to attacks bank transaction servers, thus putting cybersecurity in banking at risk.

Internet finance is a financial service form running on the basis of a global electronic information system. Therefore, the technical and administrative security of the global electronic information system has become the most important system at risk for banks.[2]


A bank information system is a technology-intensive, capital intensive, large-scale complicated human-machine system. With the rapid development of global information technology, its application in the banking system is more and more widely used and the reliance of the information system is becoming more comprehensive. At the same time, the risk faced by the bank information technology system will also increase. Cybersecurity is the life of banking information systems. With the development of the bank information system, the information is more concentrated and the scale is larger. While the banking industry's dependence on it is increasing, at the same time the importance of cybersecurity in banking is also increasing. It is crucial to the survival of the bank and the success of its operation, so cybersecurity in banking should be regarded as equally important as the security of the capitals. Bank information system security is not only relevant to the industry itself, but also pertinent to a country's economic security, social security, and national security. Because of its particularity, cybersecurity is more serious and important in the field of banking.


With the increasing use of technology in the bank's various businesses, banks are facing great cybersecurity challenges. The widespread use of bank cards and self-service devices, as well as the rapid development of the internet and e-commerce, have all enlarged the possibility of attacks on the banking system.


The awareness of cybersecurity in banking is weak, and the security concept has not been deeply rooted in people's mindset. For cybersecurity, the primary problem is the problem of concept and consciousness. From the management level to the front line employees, it is very important to realize the importance of cybersecurity in banking and to know the basic connotation of the security. At this point, bank operators have put great attention to its cybersecurity, but many employees have not to regard cybersecurity as their focus, rather thinking it is an issue for the technology management department.[3]

"Unattended" System

The widespread use of self-service devices and online banking increases the risk of external attacks. Because the self-service equipment and online banking in a sense are running in an "unattended" motion because all the operations are completed by the customer. This will give more opportunities for potential attackers. Additionally, customer's lack of safety consciousness will also increase the risk of their accounts, eventually bring losses to the bank.

One important contradiction is between the convenience and the security of the system, and most users often pay more attention to the convenience and neglect the security. However, the most important thing about the bank is not the level of technology, but the implementation of basic norms and the application of common security means. For example, password protection, requiring periodic changes and not using overly simple passwords are the most basic security requirements, but employees have demonstrated poor execution in the implementation of password settings.[4] There are also many other similar problems. Some of these problems can be solved to a certain extent by technical means, such as imposing modification deadlines, requiring combinations of numbers and letters, filtering simple passwords, and so on. Nevertheless, the ultimate effect still depends on the employee's awareness of cybersecurity in banking.


From a systematic perspective, investing in safety is not only about enhancing products and tools, but it should also put attention in making appropriate policies, operational processes, and emergency response mechanisms.[5] The use of security products and tools should have a corresponding supporting mechanism, otherwise, no one will deal with the alarm, no one will respond to the invasion. However, to establish a proper management mechanism also requires investment, such as information processing investment, which is closely related to the unity of the entire security system. But in the current bank cybersecurity construction, this aspect of investment has not yet received enough attention.[6]

Current Status and Risk Analysis

With the increasingly fierce competition among financial enterprises, Banks have done a lot of work in improving service, increasing service functions, perfecting business varieties, and improving service efficiency. Through the realization of financial electronization, the use of high technology to promote the development and progress of the financial industry is bound to bring great economic benefits to the development of the banking industry.

Risk Analysis

Cybersecurity has four important risk factors.[7]

Internet Unit Risks: Online banking, e-commerce, online trading systems are connected with the bank through the public network. Because of the characteristics of the internet itself is extensive and free, a financial system will naturally be listed in the front of its attack target by malicious intruders.[8]

External Unit Risks: Due to the increasing intermediary services of the bank, such as collecting fees on behalf of others, paying taxes on behalf of others, and third-party depository and management, the interconnection with the network of other units, the bank network system naturally increase its cybersecurity threats from external units.[9]

Internal Unit Risks: According to the survey statistics, of all the cybersecurity incidents that have occurred previously, 70% of the attacks are from internal units. Therefore, intranet cybersecurity risks are more serious. Internal employees are familiar with their own enterprise network structure and application, and their own attacks may become the most deadly cybersecurity threat to the system.

Managing Cybersecurity Risks: The weak cybersecurity consciousness of enterprise employees and the flimsy cybersecurity management system are also one of the most important factors for cybersecurity risks. A sound cybersecurity management system is a key factor to ensure and maintain an enterprise's cybersecurity.

The Consequences of Risk

The possible consequence of cybersecurity threats includes illegal use of resources, spiteful destruction of data, data theft, data tampering, counterfeiting, forgery, deception, and extortion. The consequences and losses for such a sensitive industry as banking are incalculable.

Cybersecurity Risk Solution

System Security

Operating System Cybersecurity: These include cybersecurity bugs and backdoors in the operating system, which are often exploited by intruders. Therefore, the operating system must be equipped with cybersecurity configuration, the latest patch, and the use of the corresponding scanning software for its cybersecurity evaluation.

Application System Cybersecurity: For the cybersecurity of the application system, we should try to open only the services that frequently used and close the protocols that are not used. Also, strengthen the user's login identity authentication, ensure the user's legitimacy, and strictly limit the operation permission. Besides, make full use of the login function to record the information accessed by the users, and provide a basis for post-review.

Internet Security

Network Structure Cybersecurity: Whether the network structure layout is reasonable or not also affects the cybersecurity. The production area, office area, outreach area, and test area of the banking system must be reasonably distributed according to their respective application scope and degree of confidentiality, to avoid the threat caused by the low local cybersecurity and spread to the entire system.[10]

Enhance Access Control: The banking system network must be physically isolated from the public network. The isolation and access control between the internal network, external network, and untrusted network can be achieved by installing a firewall.

Cybersecurity Check: Because of the safety control system is static protection such as cybersecurity system firewalls. Therefore, it must also be equipped with intrusion detection systems for active defense. Its function is real-time analysis of the network data flow, violations tracking, alarming, and blocking the connection. It can deal with both internal attacks and attacks from external units.

Application Security

System Virus Protection: To prevent the invasion of viruses, we should configure the latest antivirus system according to the specific system type. Whether the virus is from an internal network or external network, the antivirus system can protect the entire network and eliminate the virus as soon as detection, preventing the spread of it.

Information Security

Information Storage: The most important division of the banking system is the security of the database because the banking system uses servers to store data. Therefore, data are centralized in a large database system, so the cybersecurity of the database is particularly important. The most secure and effective way to protect the database is to use a backup and recovery system.

Managing Security

While the realization of cybersecurity is heavily dependent on technical means, management security is equally important to assure the maintenance of cybersecurity. To formulate the cybersecurity in the banking system, national laws, regulations of the publicity, and enhance the overall cybersecurity awareness of enterprise personnel are crucial.[11]


In a word, the use of computer systems in the banking industry should put safety first.[12] To ensure the accuracy of data and the security of funds is the first thing to consider and is one of the prerequisites for the construction of a modern bank. While technology brings great development to the banking business, it also brings greater security troubles and the potential risk to us. Only when we fully realize the importance and urgency of strengthening cybersecurity in banking protection, can we continuously improve the security management of information system and adapt to the challenges of the new economic era.[13]


  1. Up until the early eighties, transactions at financial institutions were handwritten, calculated long-hand, and done without the aid of a computer or calculator. Fast forward many years and not only can we make deposits and automate our bills to be paid online, but many employees of financial institutions are starting to work remotely as well.
  2. The banking sector has been under attack for hundreds of years. First, it was the physical theft of monies. Then it was computer fraud. Today, it’s not only cyber fraud but hacks into servers to obtain a customer’s personally identifiable information (PII). Hence, the reason why cyber security in banking is of utmost importance. As individuals and companies perform most transactions online, the risk of a data breach increases daily. This is why there’s a greater emphasis to examine the importance of cyber security in banking sector processes.
  3. Anticipatory cyber strategies put the cyber education of employees as a priority, with an outside firm doing security scans on everything before the problem occurs, having all software scanned and updated regularly, and making sure spam filters are adequate in your company’s email system.
  4. Hackers love to take advantage of weak passwords or use emails loaded with malicious computer code that lets them get inside the network while others scan for out-of-date hardware and software missing the latest security fixes. Likewise, cyber criminals work around the clock, therefore the IT firm or internal IT department must be in place to do the same.
  5. Now, big banks are starting to dip their toes in the crypto waters, with one in five financial firms saying they might start trading cryptocurrencies. It’s possible that the involvement of major institutions will shore up the security of the crypto industry — but if the past is any indicator, extreme measures will have to be taken to ensure the security of these digital currencies.
  6. The Global Banking and Finance Review claims that cyberattacks have cost nearly $360 billion per year in losses every year or the past three years. In recent years, global ransomware attacks, such as WannaCry, have put financial institutions on edge, and many banks are now investing in artificial intelligence to combat hackers.
  7. Most banks are well-protected from external threats, but experts believe that threats from within pose the greatest risk. These threats can manifest in many forms, from careless employees to software vulnerabilities to outdated hardware. Banks are taking measures to educate and train employees on cybersecurity protocol, but the basics aren't enough to combat well-versed hackers.
  8. As consumers continue their long slow march away from cash, banks are becoming more heavily invested in mobile and web-based services that facilitate payment and transfers. However, these applications are creating new vulnerabilities that banks will have to address.
  9. In the last decade, banks have poured countless resources into protecting their own networks and systems from cyber attack. As a result, hackers have looked elsewhere for points of entry — and when they’ve found them, they’ve gleefully exploited them.
  10. Implement a multi-layered email strategy. Email is the most common gateway through which hackers enter. As such, it requires multiple layers of defense including Sender Policy Framework (SPF), DomainKeys Identified Email (DKIM), and Domain-based Message Reporting and Conformance (DMARC). The combination of these protocols should prevent phishing attacks and minimize the risk of Business Email Compromise (BEC).
  11. Deploy tailored training programs. A generic video on cybersecurity won't cut it. A successful training program presents information in multiple ways to cater to all types of learning styles. Some employees may prefer a bulleted list of actions, while others learn better through real-life examples and hands-on simulations. The training should be mandatory for all departments in the bank.
  12. Banks have a responsibility to keep their customers’ funds safe from cyber criminals, and that challenge is on track to become even more difficult in 2020. We’re not sure what stories we’ll see from the financial sector next year, but as the CISO of the Federal Reserve Bank of New York put it, “Something will happen, without question.”
  13. In an increasingly digitally dependent world, every financial institution must achieve the highest levels of cybersecurity.