Cyber Crime

in Financial
Industry
ITS103 Current Affairs and World Issues
Juliana Seng Mei Feng
112139Y
Diploma in Information Security

Contents
Overview ................................................................................................................................................. 2
Description .............................................................................................................................................. 2
Microsoft and FBI take down global cybercrime ring
1
........................................................................ 2
US arrests dozens in cybercrime swoop
2
............................................................................................ 3
Feds Take Down Cyber Crime Ring that Allegedly Raided $45M
3
...................................................... 4
Impact ..................................................................................................................................................... 4
Financial loss ....................................................................................................................................... 4
Stolen personal identities ................................................................................................................... 4
Reliability of financial institutions ....................................................................................................... 5
Pressure on governmental services .................................................................................................... 5
Supporting other illegal operations .................................................................................................... 5
Countermeasure ..................................................................................................................................... 5
Securing applications and services ..................................................................................................... 5
Educating the public ........................................................................................................................... 5
Enforcement of laws ........................................................................................................................... 5
Collaborating with companies ............................................................................................................ 5
Conclusion ............................................................................................................................................... 5
References .............................................................................................................................................. 6


Overview
Over the past decade, people all over the world have taken to the Internet and time spent online is
on the rise. With it, come businesses who hope to ride on the Internet bandwagon to expand their
customer base. Apart from companies who operate online stores, many small-medium enterprises
and multinational corporations also use Internet and computer technologies from a day-today basis,
including those from the financial industry. As the money flows into cyberspace, people who hope to
make illegal profit follows along. Hence, we see the current threat of cybercrime in the financial
industry.
Description
The motivations for a cybercriminal, specifically known as hacker, include fame, curiosity and money.
Usual procedures include the introduction of a malware or finding a loophole in the system, from
which the hacker can then attain access to carry out their illicit operations, such as the transfer of
funds. Below are some case studies of recent cybercrimes in the financial industry.
Microsoft and FBI take down global cybercrime ring
1


A sophisticated ring of cybercriminals are responsible for over $500 million in financial fraud. Their
operations involved the infection of more than 1,000 networks of computers with botnet malware.
It affected roughly 5 million people around the globe, including the United States, Europe, Hong
Kong, Singapore, India and Australia.
US arrests dozens in cybercrime swoop
2

Two dozen people, spanning over 13 countries, were involved in the trafficking of stolen credit card,
bank accounts and other personal identification information belonging to hundreds of thousands of
consumers, over the internet. The operation used malwares, viruses, etc to hijack victims
information. The individuals were involved in buying, selling stolen identities, exploited credit cards,
counterfeit documents and sophisticated hacking tools.
US officials described the investigation and arrests as the largest co-ordinated international law
enforcement action in history directed at carding crimes.
Feds Take Down Cyber Crime Ring that Allegedly Raided $45M
3


In one operation detailed, eight individuals made $2.4 million though fraudulent withdrawals in New
York City in less than nine hours. The crime rings used sophisticated intrusion techniques, known as
Unlimited Operations, to penetrate the systems of global financial institutions and steal prepaid
debit card data and eliminate withdrawal limits. The defendants were charged with conspiracy to
commit access device fraud, money-laundering conspiracy and money laundering.
Impact
Financial loss
Needless to say, the first and foremost objective of the criminals is to perform illegal transfer of
funds from their original owner. This may be ordinary middle-class citizens, or companies, or the
financial institute themselves. Quality of ordinary citizens lives may lower due to a decrease of
financial support. Companies may go bankrupt, or their investors trust in them may decrease due to
the incident.
Stolen personal identities
Stolen credit card information contains private information. Apart from using them in financial
crimes, they can also be used to impersonate their owners and be used to undertake even more
serious crimes. Alternatively, they can be used to take out loans, which will then be the liability of
the original owner of the information.
Reliability of financial institutions
If a financial institution were to fall victim to cybercrime, they could possibly loss public recognition
and trust. If the crime was preventable and the company was found to be at fault for failure to take
corrective actions before the attack, they could be further fined by their local government.
Pressure on governmental services
Some financial institutions are supported by their government. When the financial institution is at
risk of failing, the government has to come in to ensure that it doesnt. Due to the massiveness of
the institute and the population that it supports, certain banks may be considered too large to fail.
This puts pressure on the governments budget and on tax payers.
Supporting other illegal operations
Money laundering and other financial crimes are sometimes carried out secondary to a main crime;
which can be company corruption, trafficking of illegal substances, etc. The success of the financial
crime contributes to other crimes.
Countermeasure
Securing applications and services
Applications and services, such as the online portal of a bank, or the ATM, or any website, can be a
potential opening for attackers to steal information and gain access to accounts or even the
companys system. Companies should have a dedicated security department overlooking this area
and make security a priority.
Educating the public
Computer users should be educated to be computer-savvy. They should recognize the symptoms of
a possible infection, and know what to do to counter it and to avoid it in future.
Enforcement of laws
Cybercriminals should be prosecuted as such to show an example to others. Investigations into cases
must not be lax, to ensure the cybercriminals do not get away with their acts.
Collaborating with companies
Companies and investigating authorities should work closely together to prevent cybercrimes. There
should be an open share of information to thwart cybercrimes.
Conclusion
Wherever the money is, crime will always follow. However, I think what makes the differences is the
sharing of knowledge and education. If more people are educated on the prevention of malware
infection, the less likely an attacker will succeed. This sharing should also be extended to companies,
security is an issue that concerns all, and companies should work together to strengthen their
systems against attacks. Through collaboration and working as one, I believe that the issue of
cybercrime in the financial industry can be reduced.
References
1
Microsoft and FBI take down global cybercrime ring, Alanna Petroff, 6 June 2013, CNN,
http://money.cnn.com/2013/06/06/technology/security/microsoft-fbi-cybercrime/index.html
2
US arrests dozens in cybercrime swoop, Paul Taylor, 26 June 2012, Financial Times,
http://www.ft.com/cms/s/0/f91d1b3a-bfd2-11e1-bb88-00144feabdc0.html#axzz2VjyhkhZJ
3
Feds Take Down Cyber Crime Ring that Allegedly Raided $45M, Matt Egan, 9 May 2013, Fox
Business, http://www.foxbusiness.com/technology/2013/05/09/feds-disrupt-cyber-crime-ring-that-
allegedly-raided-45m/