Cyberattacks on the Financial Sector of Critical Infrastructure
Abstract
The financial sector of critical infrastructure represents one of the most vulnerable sectors when it comes to cyber attacks, due to its crucial role in the global economy and the nature of business today. The digitalization of finance opens the door to cyber attacks through the wide and pervasive availability of financial services on modern technologies and networks. This paper explores protective measures against cyber attacks in the financial sector by analyzing three significant incidents: the attack on the Central Bank of Bangladesh, the data breach at Capital One, and the ransomware attack on Travelex, a money transfer company. The primary aim of the research is to analyze the impact of cyber attacks on the financial sector of critical infrastructure and to identify effective protective measures that can reduce the risk of similar attacks in the future. By utilizing a review of international literature and case studies, the paper emphasizes the importance of integrating technological and organizational measures, as well as the significance of building cyber resilience through continuous improvement of security protocols and a culture of cyber awareness. The research findings indicate that while cyber attacks pose significant risks, they can also drive financial institutions toward innovation and enhancement of protective measures.
References
British Assessment Bureau. (2020). How the Travelex ransomware attack could have been avoided. Retrieved from https://www.british-assessment.co.uk/how-thetravelex-ransomware-attack-could-have-been-avoided/
Bukth, T., & Huda, S. S. (2017). The soft threat: The story of the Bangladesh bank reserve heist. SAGE Publications: SAGE Business Cases Originals.
Bull Jr, C. L., & Fincannon, C. (2024). Assignment 2.1: The 2016 Bangladesh Bank Heist.
Dumitru, D., Feraru, C.L. 2018. National Security Concept. Annals – Series on Military Sciences, 10 (2), 90-101
George, A. S., Baskar, T., & Srikaanth, P. B. (2024). Cyber threats to critical infrastructure: assessing vulnerabilities across key sectors. Partners Universal International Innovation Journal, 2(1), 51-75.
Goldstein, I., Jiang, W., & Karolyi, G. A. (2019). To FinTech and beyond. The Review of Financial Studies, 32(5), 1647-1661.
Karim, Y., & Hasan, R. (2021). Taming the digital bandits: An analysis of digital bank heists and a system for detecting fake messages in electronic funds transfer. In National Cyber Summit (NCS) Research Track 2020 (pp. 193-210). Springer International Publishing.
Khan, S., Kabanov, I., Hua, Y., & Madnick, S. (2022). A systematic analysis of the capital one data breach: Critical lessons learned. ACM Transactions on Privacy and Security, 26(1), 1-29.
Lalisang, B. (2020). Cyber-risk and Director’s liability: Exploring the Dutch legal framework.
Mapoka, T. T., Zuva, K., & Zuva, T. (2019). Hack the Bank and Best Practices for Secure Bank. International Journal of Computer Science, Communication & Information Technology (CSCIT), 7, 17-21.
National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. U.S. Department of Commerce. Retrieved from https://www.nist.gov/cyberframework
Nish, A., Naumann, S., & Muir, J. (2022). Enduring cyber threats and emerging challenges to the financial sector. Carnegie Endowment for International Peace.
Novaes Neto, N., Madnick, S., de Paula, M. G., & Malara Borges, N. (2020). A case study of the capital one data breach. Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (January 1, 2020).
Novak, M. (2020, January 7). Travelex shutdown caused by Sodinokibi ransomware attack, reports say. CyberScoop. Retrieved from https://cyberscoop.com/travelex-sodinokibi-ransomware/
Pazarbasioglu, C., Mora, A. G., Uttamchandani, M., Natarajan, H., Feyen, E., & Saal, M. (2020). Digital financial services. World Bank, 54, 1-54.
Sandler, R. (2019, July 29). Capital One Says Hacker Breached Accounts Of 100 Million People; Ex-Amazon Employee Arrested. Retrieved from Forbes: https://www.forbes.com/sites/rachelsandler/2019/07/29/capital-onesayshacker-breached-accounts-of-100-million-people-ex-amazonemployeearrested/
Siddique, N. A. (2019). Framework for the mobilization of cyber security and risk mitigation of financial organizations in bangladesh: a case study.
Somogyi, T., & Nagy, R. (2022). CYBER THREATS AND SECURITY CHALLENGES IN THE HUNGARIAN FINANCIAL SECTOR. Contemporary Military Challenges/Sodobni Vojaški Izzivi, 24(3)
Уредба за одређивање критеријума критичне инфраструктуре и начину извештавања о критичној инфраструктури у Републици Србији (Службени гласник РС, бр. 69/2022)
