Beruflich Dokumente
Kultur Dokumente
Information Security
The Philippines, the Heist and Finance Sectors Cyber Security
Rainer Mar Bacus
Asia Pacific College
The Philippines, the Heist and Finance Sectors Cyber Security
Table of Contents
I. Title Page
II. Table of Contents
III. Introduction / Abstract
IV. Problem Statement and Hypothesis
V. Review of Related Literature
VI. Conclusion and Recommendation
VII. References
The Philippines, the Heist and Finance Sectors Cyber Security
Introduction / Abstract
Last 2016, one of the leading news on what happened with the
RCBC and the Bangladesh Banks $81 Million Dollar Heist made a stir in both
local and international airwaves. Not only that this made a big controversy but
also posed a big problem with the Philippines banking system. Until to this day,
this case has not been solved yet and only $68,000 were retrieved from this
incident.
by the law yet, and of course. Only this 2017, when President Rodrigo Duterte
signed the amendment of the law where more than 5 Million will be covered.
According to Douglas and Loader (2000), cybercrime can be defined as computer
facilitated activities accompanied through global Electric networks either
illegally or illicitly by definite entities.
In the banking sector, illegal money transfer and removal from one to
another account are identified as banking fraud according to Wall (2001). He has
also classified cyber-crimes into four broad categories i.e. cyber-deceptions,
cyber-violence, cyber-trespass, and cyber-pornography. The banking frauds are
classified under cyber-deception which is termed as immoral activities including
credit card fraud stealing, and intellectual property violations (Anderson &
Barton, 2012).
ATM frauds, E-money Laundering and Credit Card Frauds are the most
witnessed cybercrimes in the banking sector. In general, all the frauds are
executed with the goal of accessing user's bank account, stealing funds and
transferring it to some other bank account. In some cases the cyber criminals
uses the banking identifications i.e. passwords, e-PIN, certificates, etc. to access
client's accounts; whereas in other cases they may want to steal and transfer
the funds into other accounts illegally. The intention of cyber criminals
sometimes is just to harm the image of the banking firm and therefore, they
block the bank servers blocking the access of clients' accounts (Claessens et al.,
2002; & Hutchinson et al, 2003).
Recommendation
After the Bangladesh bank heist, the Society for Worldwide Interbank
Financial Telecommunication (SWIFT) claimed they were not hacked and that
they have taken steps to keep their financial transactions secure. As a response
to these last attacks, SWIFT is forcing banks to increase security protocols. Now,
moving money will require additional steps to prove that a real banker is
approving a transaction. Also, moving forward, banks will share more
information with one another about their computer systems. This would form a
unified defense against hackers. SWIFT is also analyzing its own infrastructure to
spot how it's being used illegally.
Banks should also educate their online customers or users to never use
their personal data as passwords and to always change the security questions to
The Philippines, the Heist and Finance Sectors Cyber Security
Security analysis data should always be compiled; all their backup plans
should be ready before any hacker makes his move. They should compile a list
of their systems weak points, and map out ways to add protection to those
vulnerable areas. By knowing your security system in and out, you can protect it
better from cyber-attacks.
Banks should also share information with other banks about their systems
and about the cyber security threats they have faced or are facing, this will help
them come up with quick counter attacks and resolution to some of the
cybercrime problem in the banking system.
Conclusion
After the Bangladesh Bank heist of 2016, cyber security problems facing the
current banking industry was brought to the fore. Vulnerabilities and loopholes
were exposed. One effective measure to mitigate such attacks would be the
implementation of training programs on a regular basis for bank employees. This
would include mostly non-IT personnel, especially those who handle sensitive
transactions and documents.
References / Citations
The Daily Star & Reuters, Bangladesh Bank responsible for $81 million heist: RCBC.
(December 14, 2016). Retrieved from
http://www.thedailystar.net/business/bangladesh-bank-responsible-81-million-
heist-rcbc-1329568
Kim Zetter, That Insane, $81M Bangladesh Bank Heist? Heres What We Know.
(May 17, 2016). Retrieved from
https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-
know,
Robinson, J. (1995). The Laundrymen: Inside the Worlds Third Largest Business.
New York, N.Y.
The Philippines, the Heist and Finance Sectors Cyber Security
Douglas, T., & Loader, B. D. (2000). Cybercrime: Security and surveillance in the
information age: Routledge
Anderson, R., Barton, C., Bhme, R.,Clayton, R., van Eeten, M. J. G., Levi, M.,
Moore, T., & Savage, S. (2012). Measuring the cost of cybercrime
Claessens, J., Dem, V., De Cock, D., Preneel, B.,&Vandewalle, J. (2002). On the
security of todays online electronic banking systems. Computers & Security, 213:
253-265
The Society of Honor. (November 16, 2015). Banking in the Philippines, Part I:
The fundamentals. Retrieved from https://joeam.com/2015/11/16/banking-
in-the-philippines-part-i-the-fundamentals/
Middleton-Leal, Matt. (June 17, 2016). Learning the Lessons of the Bangladesh
Bank Heist. Retrieved from https://www.financedigest.com/learning-the-
lessons-of-the-bangladesh-bank-heist.html
The Philippines, the Heist and Finance Sectors Cyber Security
Gulle, Jimbo Owen. (April 1, 2016) Philippine Banking System is Strong and
Stable. Retrieved from
http://www.thestandard.com.ph/news/supplements/banking-
report/219955/philippine-banking-system-remains-strong-and-stable.html
Jodesz Gavilan. (April 27, 2016). The state Of Cybersecurity in the Philippines,
Retrieved from http://www.rappler.com/newsbreak/in-depth/130883-
state-cybersecurity-philippines