More Related Content
What's hot
What's hot (20)
Similar to Cybercrime
Similar to Cybercrime (20)
Recently uploaded
Recently uploaded (20)
Cybercrime
- 1. Cyber Security in Internet Banking Presented By Deepika Goyal
- 2. www.company.com Internet Banking •Paper-free transactions •Account balances, transfers, bill payment, statements •Fast and convenient
- 3. www.company.com Cyber Crime in Internet Banking • Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs. •With the advent of technology banking sector saw a paradigm shift in the general phenomenon which enable their customers to access their bank finances 24*7 using ATM and online banking. •However with the enhancement of technology, banking frauds have also increased.
- 4. www.company.com Incidents and financial impacts continue to grow The number of stolen Credit card information has Increased by 48% Credit card information Theft via Point of Sales infections have Increased by 700% The number of userID and password thefts has increased By 410% Cyber Threat intelligence Report First Quarter 2014
- 5. www.company.com Target of Attacks Phishing Attacks Trojan Attacks Pharming DNS Spoofing Network Interception Web Application Attacks Attacking Server
- 6. www.company.com Client Attacks Most promising attack on the client: • Phishing •Motivate user to enter confidential information on fake web site • Simple Trojans • Limited to a handful of eBanking applications • Steal username, password and one time password • Steals session information and URL and sends it to attacker • Attacker imports information into his browser to access the same account
- 7. www.company.com Generic Trojans •Infection of client with user interaction • Email attachments (ZIP, Exe, etc.) • Email with link to malicious web site • Links in social networks • Integrated in popular software (downloads) • File transfer of instant messaging/VoIP/file sharing • CD-ROM/USB Stick
- 8. www.company.com Features • In the wild since 2007, but still in development • Can attack any eBanking (and any web application) • New configuration is downloaded continously Infection of client without user interaction • Malicious web sites • Infection of trusted, popular web sites (IFRAME …) • Misusing software update functionality (like Bundestrojaner) • Attacks on vulnerable, exposed computer (network/wireless)
- 9. www.company.com Pharming •Pharming is a cyber attack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software.
- 10. www.company.com Actors of Banking Fraud The actors of banking fraud can be categorised into four main categories. •Malacious Exploiters •Money Mules •Victims •Security Guardians
- 11. www.company.com Malacious Exploiters It can be categorised into five sub categories: • Innovators • Amateur • Insiders • Copy Cats • Criminals Individuals recruitted wittingly and often unwittingly by criminals, to facilitate illegal funds transfers from bank accounts Money Mules
- 12. www.company.com Victims • Banks • User of these banks It can be categorised into two sub categories: Security Guardians They are the most important actor of this system as they improve the existing banking system and help in removing the vulnerabilites and development of systems so that these frauds can be mitigated.
- 13. www.company.com Security Measures • Attack Detection • Second Channel / Secured Channel • Secure Client Secure Client Second Channel Secured Channel Attack Detection
- 14. www.company.com Attack Detection • Detect session hijacking attacks • Monitor and compare request parameters • Identify SSL Session and IP address changes • Transaction verification / user profiling • Statistic about normal user behaviour • Compare transaction with normal user behaviour • White list target accounts • Limits on transaction amount
- 15. www.company.com •Second Channel • Send verification using another channel • Another application on the client computer • Another medium like mobile phones (SMS) •Secured Channel • Enter data on an external device • External device can not be controlled by Trojan • Externel device contains a secret key Security Measures
- 16. www.company.com •Secure Platform • A computer that is only used for eBanking • Bootable CD-ROM, Bootable USB Stick • Virtual Machine • eBanking Laptop •Secure Environment • Start an application (eg Browser) that protects itself from Trojans. • Proprietary Application (fat client) • Verify environment before login is possible Security Measures
- 17. www.company.com Security trends Current client security approaches: •A) Secured Application/Virtualization • Hardened Browser on USB stick • Application to secure the client • Virtual operating system on host system • Bootable CD-ROM/USB stick •B) Transaction Signing • Transaction details and unlock code on mobile (SMS) • External device with SmartCard • Read information from screen and decrypt on external device
- 19. www.company.com B) Transaction Signing • Devices (some examples): • Mobile phones • IBM ZTIC, EVM CAP, Axsionics • Tricipher
- 21. www.company.com Secure Communication • In our fictious example we have a user Alice who wishes to login to her bank. We also have a vicious attacker Eve who is trying to steal Alice's hard-earned money. The bank is using a username and password to protect • Alice's account has no encryption. This scheme is obviously vulnerable to a snooping attack as illustrated in below Figure. One way to improve security is by employing One-time Passwords.
- 22. www.company.com • One-time passwords (OTPs) are, like the name suggests, passwords that are used only once. One-time passwords • The OTPs can be implemented using a hash-chain algorithm.
- 23. www.company.com Secure Socket Layer • Secure Socket Layer abbreviated as SSL is a protocol designed to provide security and data integrity. • SSL supports a wide range of algorithms, some very strong and some weak. For example Handelsbanken, a Swedish bank, uses SHA-1 for signing and RSA for encryption.
- 24. www.company.com Security Token • We saw how OTPs are constructed and used. • We can further enhance the security by a PIN-code. • This two-factor authentication makes it more dificult to gain access to an account.
- 26. www.company.com Chip Authentication Program (CAP) • CAP is a relatively new protocol based on the older EMV standard. • It was developed by MasterCard and is based on digitally signing transactions. • CAP can operate in three modes: identify, respond and sign.
- 27. www.company.com CAP Modes • Identify : Without requiring any further input, the CAP reader interacts with the smartcard to produce a decimal one-time password, which can be used, for example, to log in to a banking website. • Response : This mode implements challenge-response authentication, where the bank's website asks the customer to enter a "challenge" number into the CAP reader, and then copy the "response" number displayed by the CAP reader into the web site. • Sign : This mode is an extension of the previous, where not only a random "challenge" value, but also crucial transaction details such as the transferred value, the currency, and recipient's account number have to be typed into the CAP reader
- 28. www.company.com Response-mode of the CAP- protocol
- 29. www.company.com Recent… Kaspersky Lab, a Russian security company, said that hackers had infiltrated more than 100 banks in 30 countries in the past two years which has stolen up to $1bn from banks and financial institutions around the world in what could be one of the biggest banking breaches ever recorded.