Business Process Compromise in Financial Institutes Kavya Kushnoor

Slides:



Advertisements
Similar presentations
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Advertisements

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Fine Tuned Machines Building a Strong Brand Image by Securing External Data Transmission A Review of Information Security in the Debt Collections World.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Website Hardening HUIT IT Security | Sep
Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
SEC835 Database and Web application security Information Security Architecture.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.
1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB
Monitoring High Risk Transactions May 11, 2009 Why We Monitor What We Monitor How We Monitor Does it work?
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
Friday, October 23, Jacqueline Harris, CPM®, CCIM® Director of Training & Administration Digital Realty Jacqueline Harris, CPM®, CCIM® Director.
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
Reducing data loss by threats detection. InfoWatch Traffic Monitor & Workplace Security. Andrey Sokurenko Business Development Director.
Computer Security By Duncan Hall.
Visibility. Intelligence. response Information Security: Risk Management or Business Enablement? Mike Childs Vice President Rook Security.
BUSINESS CLARITY ™ PCI – The Pathway to Compliance.
Albany Bank Corporation Security Incident Management Program.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
Regional Telecommunications Workshop on FMRANS 2015 Presentation.
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,
By: Matt Winkeler.  PCI – Payment Card Industry  DSS – Data Security Standard  PAN – Primary Account Number.
Welcome Information Security Office Services Available to Counties Security Operations Center Questions.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
Logging and Monitoring. Motivation Attacks are common (see David's talk) – Sophisticated – hard to reveal, (still) quite limited in our environment –
Servers in the Wild… …and the threats that lurk about. DePaul University Information Security Team TLT Presentation 08 May 2002.
Securing Information Systems
Proactive Incident Response
CYBERSECURITY SOLUTIONS
Performing Risk Analysis and Testing: Outsource or In-house
Take Charge of your Finances
CYBERSECURITY INCIDENCE IN THE FINANCIAL SERVICES SECTOR March 28, 2017 Presented by Osato Omogiafo Head IT Audit.
Firmware threat Dhaval Chauhan MIS 534.
Team 1 – Incident Response
Fraud Mobility Ken Meiser VP- Identity Solutions.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Behavior Analytics Market to surpass $3.5bn by 2024: Global Market Insights,
Take Charge of your Finances
Cyber Security & IT: What’s Next?
Gelişmiş Tehdit Korumasının İnkar Edilemez 4 Gerçeği
F5 PRO ASSETS We’ve created these Pro Assets to help you communicate to your team the importance of app security and performance. Feel free to remove.
Cyber Protections: First Step, Risk Assessment
Teaching Computing to GCSE
Information Security: Risk Management or Business Enablement?
Cybersecurity Awareness
CMGT 230 Possible Is Everything/tutorialrank.com.
CMGT 230 Education for Service/tutorialrank
Company Overview & Strategy
Advanced Services Cyber Security 101 © ABB February, | Slide 1.
Threat Trends and Protection Strategies Barbara Laswell, Ph. D
Network Security Best Practices
Cybersecurity compliance for attorneys
Objectives Telecommunications and Network Physical and Personnel
Keeping your data, money & reputation safe
Teaching you NOT to fall for Phish
Take Charge of your Finances
DATA BREACHES 6 4 , 9 3 There were…
Counter APT Counter APT HUNT operations combine best of breed endpoint detection response technology with an experienced cadre of cybersecurity experts.
Data Lost Prevention (DLP) © Copyright 2009 Technica All rights reserved. No part of this presentation in all its property may be used or reproduced in.
Presentation transcript:

Business Process Compromise in Financial Institutes Kavya Kushnoor

Objectives: Business Process Business Process Compromise Features of BCP Some detected malware names Examples of Infamous Attacks Precautionary Measures

What is a Business Process? It is a structural representation of the flow of activities in an organization and consists of stages and steps of a business process. These are unique for each industry and company. Example: Loan eligibility determination (in picture)

What is a Business Process Compromise? It is a type of cyber attack where an attacker looks for loop-holes in business processes, vulnerable systems and susceptible practices which are handled by machines

Features of BCP A susceptible business process which is completely automated and machine run Once a vulnerability is identified, the hacker manipulates the machine without the employee’s knowledge The employee trusts the policies to work as usual while the attackers have access to funds and valuable data The attacker is motivated by fraudulent financial gains Time taken to identify it is generally 5 months on average

Variants of detected malware: TROJ_RATANKBA.A. BKDR_DESTOVER.ADU BKDR_DESTOVER.A TROJ_CVE20130074.B SWF_EXPLOYT.YYRQ TSPY64_BANKER.YWNQD BKDR64_KLIPODENC.ZHEB-A TROJ64_KLIPODLDR.ZHEB-A

Some Infamous Attacks: Bank SWIFT Communication Lines Fed Reserve Bank of NY Install malware to manipulate communication 2016 Bangladesh bank incident ($81 million) Tien Phong Bank (Vietnam) ($1.3 million) Banco del Austro (Ecuador) ($12 million) Link Requests fraudulent transfer of $$ Tamper with Printing system to avoid discovery of fund transfer

Precautionary Measures Secure network against malware using technologies like endpoint protection and security solutions System lockdown for critical applications Regular audit and analysis of policies Vendor evaluation and risk assessments Educate and train employees to detect abnormal behavior and social engineering attacks Features Link

Links https://www.trendmicro.com/vinfo/us/security/research-and- analysis/predictions/2017 https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital- threats/security-101-business-process-compromise https://www.trendmicro.com/en_us/business/products/user- protection/sps.html?cm_mmc=VURL:www.trendmicro.com-_-VURL-_- /us/enterprise/network-security/interscan-web-security/index.html-_-1:1 https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/polish-banks- and-other-financial-organizations-hit-by-new-malware-attacks

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.