Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business Process Compromise in Financial Institutes Kavya Kushnoor

Published byJean Booker Modified over 7 years ago

Similar presentations

Presentation on theme: "Business Process Compromise in Financial Institutes Kavya Kushnoor"— Presentation transcript:

1 Business Process Compromise in Financial Institutes Kavya Kushnoor

2 Objectives: Business Process Business Process Compromise
Features of BCP Some detected malware names Examples of Infamous Attacks Precautionary Measures

3 What is a Business Process?
It is a structural representation of the flow of activities in an organization and consists of stages and steps of a business process. These are unique for each industry and company. Example: Loan eligibility determination (in picture)

4 What is a Business Process Compromise?
It is a type of cyber attack where an attacker looks for loop-holes in business processes, vulnerable systems and susceptible practices which are handled by machines

5 Features of BCP A susceptible business process which is completely automated and machine run Once a vulnerability is identified, the hacker manipulates the machine without the employee’s knowledge The employee trusts the policies to work as usual while the attackers have access to funds and valuable data The attacker is motivated by fraudulent financial gains Time taken to identify it is generally 5 months on average

6 Variants of detected malware:
TROJ_RATANKBA.A. BKDR_DESTOVER.ADU BKDR_DESTOVER.A TROJ_CVE B SWF_EXPLOYT.YYRQ TSPY64_BANKER.YWNQD BKDR64_KLIPODENC.ZHEB-A TROJ64_KLIPODLDR.ZHEB-A

7 Some Infamous Attacks:
Bank SWIFT Communication Lines Fed Reserve Bank of NY Install malware to manipulate communication 2016 Bangladesh bank incident ($81 million) Tien Phong Bank (Vietnam) ($1.3 million) Banco del Austro (Ecuador) ($12 million) Link Requests fraudulent transfer of $$ Tamper with Printing system to avoid discovery of fund transfer

8 Precautionary Measures
Secure network against malware using technologies like endpoint protection and security solutions System lockdown for critical applications Regular audit and analysis of policies Vendor evaluation and risk assessments Educate and train employees to detect abnormal behavior and social engineering attacks Features Link

9 Links analysis/predictions/2017 threats/security-101-business-process-compromise protection/sps.html?cm_mmc=VURL: /us/enterprise/network-security/interscan-web-security/index.html-_-1:1 and-other-financial-organizations-hit-by-new-malware-attacks

Download ppt "Business Process Compromise in Financial Institutes Kavya Kushnoor"

Similar presentations

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Fine Tuned Machines Building a Strong Brand Image by Securing External Data Transmission A Review of Information Security in the Debt Collections World.

Fine Tuned Machines Building a Strong Brand Image by Securing External Data Transmission A Review of Information Security in the Debt Collections World.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.

Get Complete IT Compliance: Reduce Risk and Cost Jonathan CISO, Qualys Seth Automation Specialist, BMC.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.

Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.
(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,

(2011) Security Breach Compromises 75,000 Staff/Student Social Security Numbers Image from this Site Presenters: Aron Eisold, Matt Mickelson, Bryce Nelson,
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.
1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB

1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB
Monitoring High Risk Transactions May 11, 2009 Why We Monitor What We Monitor How We Monitor Does it work?

Monitoring High Risk Transactions May 11, 2009 Why We Monitor What We Monitor How We Monitor Does it work?
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.

Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
IT Security Policy: Case Study March 2008 Copyright 2000-2008, All Rights Reserved.

IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.

Similar presentations

Ads by Google