Academic journal article International Journal of Cyber Criminology

Cyber Attacks and Defense Strategies in India: An Empirical Assessment of Banking Sector

Academic journal article International Journal of Cyber Criminology

Cyber Attacks and Defense Strategies in India: An Empirical Assessment of Banking Sector

Article excerpt

Introduction

Cyber crime is emerging as a challenge for national and economic security. Many industries, institutions and public and private sector organizations (particularly those within the critical infrastructure) are at significant risk. Comparatively some organizations have identified organized cyber criminal networks as its most potential cyber security threat and some are ready to defend such security threats.

The complexity of modern enterprises, their reliance on technology and the heightened interconnectivity among organizations have created widespread opportunities for theft, fraud and other forms of exploitation by offenders both outside and inside an organization. With the growth of e-business, internal and external perpetrators can exploit traditional vulnerabilities in seconds. They can also take advantage of new weaknesses in the software and hardware architectures that now form the backbone of most organizations (KPMG, 2000, p. 2). In a networked environment, such crimes can be committed on a global basis from almost any location in the world, and they can significantly affect an organization's overall work culture. Network and computer attacks have become common issues in today's world (KPMG, 2000, p. 2). Any computer connected online is under threat from viruses, worms and attacks from hackers. Public users as well as business users are attacked on a regular basis. As organizations develop and refine their e-business strategies, they need to consider the issues that influence the Confidentiality, Integrity and Availability of their data. In this context, they need to know how they can be affected by the new risks of e-crime and how inadequate preparation could leave them open to an attack that could easily degrade the value of their businesses. Thus, the need to fight computer and network challenges in form of cyber attacks is becoming gradually more essential for security professionals (Hansman & Hunt, 2005, p. 32).

Electronic banking, with its inherent advantages for the banking industry as well as the customer, is an area with tremendous growth potential. This field has also seen a corresponding rise in network security breaches, data thefts, data losses, identity thefts and other white collar crimes resulting in huge losses to the banking industry. Losses by the banking industry worldwide due to white collar crimes are in huge amounts and far outstrip conventional methods of bank robbery. The exponential speed at which internet banking has evolved, the ubiquitous and global nature of open networks and the overwhelming reliance on IT has all added up to provide a platform for enhanced security challenges. Amendments in the IT act, banking regulations and the various wireless networking issues that need to be taken into account by the industry.

When a bank's system is connected to the internet or intranet, an attack could originate anytime, anywhere. Some essential level of security must be established before business on the internet can be reliably conducted. An attack might be in the form of unauthorized access, destruction, corruption or alteration of data or any type of malicious procedure to cause network failure, reboot or hang. Modern security techniques have made cracking very tedious but not impossible. Furthermore, if the system is not configured properly or the updated patches are not installed then hackers may crack the system using security hole. A wide array of information regarding security hole and their fixes is freely available on the web.

Hertzum et al. (2004) analyzed six Danish web-based electronic banking systems which indicated that the systems have serious weaknesses with respect to ease of use which suggested that security requirements are among their causes and the weaknesses might result in low level security (p. 52). They viewed the conflict between ease of use and security in the context of usable security, a concept that is intended to match security principles and demands against user knowledge and motivation. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.