The Insider Threat Landscape and the FinTech Sector: Attacks, Defenses, and Emerging Challenges

Zainab Abaid, Ahsan Saadat, Baria Mubashar Mirza
DOI: 10.4018/978-1-6684-5284-4.ch004

Abstract

The increased reliance on online services during the recent pandemic has compelled businesses and operations to make a major technological shift to ensure online presence. However, this online paradigm shift has also attracted malicious agents who aim to benefit from vulnerabilities in the cyber world. These attackers target a wide spectrum of sectors including healthcare, government agencies, education, and financial services. In this chapter, the impact of insider security attacks on FinTech applications is discussed. A detailed account of insider attacks applicable to FinTech applications is provided. Moreover, solutions and recommendations are provided to make FinTech applications more secure by preventing and defending against insider attacks that benefit from emerging fields like crypto-currency, micro-finance, and robo-advisors. Successful prevention and defense against these attacks will ensure that the FinTech industry can be secure and can contribute to decent work and economic growth for the masses, as laid out in the UN's Sustainable Development Goals.

Introduction

The modern era is characterized by rapid technological development that directly impacts lives in many domains, ranging from home life to business to healthcare. The advancement in technology and the global move towards digitization has helped various countries in their economic growth. This technology development and associated economic growth is in line with the UN’s sustainable development goals, decent work and economic growth.

Global trends are usually driven by financial and business motivations. It was inevitable that the rapid advancement in technology would also find its application in the financial world. In this regard, the term FinTech was recently coined. FinTech covers cutting-edge technological solutions applied to the field of finance and related services such as banks, financing companies and insurance companies. FinTech has become one of the fastest growing and most lucrative technological fields in the modern era due to the potential gains involved. A combination of factors has contributed to its prolific growth: technological advancements, the intense business competition and high customer expectations characteristic of capitalist markets (which in turn triggers innovation), and inflation-driven requirements to save on costs and maximize profits. According to Statista (Statista, 2022) the global Fintech market is anticipated to grow at a Compound Annual Growth Rate (CAGR) of around 20% over the next four years.

Like any emerging field, FinTech faces challenges in several domains, such as data management, hardware and infrastructure requirements, and the complexity of interaction among loosely connected or disparate systems. The work presented in (Gai, 2018) ranks security and privacy among the top five crucial aspects of FinTech developmental challenges. This is not surprising, given the sensitivity of financial data, both from a privacy perspective as well as the potential for misuse. The more widespread any technology becomes, the more lucrative it becomes for cybercriminals to attack, as they stand to gain more profit from successful attacks. In this respect, FinTech is among the most high-risk domains that attract malicious actors and must be systematically and thoroughly secured. Given the growing interest of hackers in this field, coupled with financial stress and layoffs in the uncertain economic situation globally, there is increased motivation for cyber-attacks, including insider attacks, which are the primary focus of this chapter.

The Covid-19 pandemic turned the world upside down. During this pandemic, digitization became the reason for the survival of many businesses, contributing to the survival of a crumbling global economy. A large proportion of businesses shifted either entirely online or at least had to maintain an online presence for some operations. Due to the never-ending lockdowns and social distancing restrictions, in-person visits to financial institutions such as banks were reduced. To overcome these challenges, multiple countries introduced measures to encourage their citizens to use FinTech services remotely. For instance, in Pakistan the online transaction fee was waived for inter-bank transactions to encourage bank customers to restrict movement to halt the spread of the virus. Similarly, account opening and registration processes for various financial services were offered remotely via web or phone. This online nature of FinTech services, even though it provided convenience to customers, also opened opportunities for malicious actors. Increased financial transactions online also gave rise to online frauds, which included hacking into personal accounts for money withdrawals and phone call-based scams for getting access to confidential information. Overall, the vastly increased online attack surface, coupled with the fact that many households lost their jobs and struggled financially, resulted in a massive rise in cybercrime after the pandemic.

A broad spectrum of attacks targets FinTech organizations and services. For example, denial of service attacks, data destruction or tampering, data exfiltration and espionage, ransomware and myriad other attacks target FinTech. Many of these attacks are common with other domains, such as healthcare, but as discussed above, FinTech applications are particularly attractive to cyber attackers. As the field of FinTech grows, new trends and technologies have also emerged, such as microfinance and cryptocurrency, which bring their own unique security and privacy challenges. The speed of their adoption and the rapid move to shift existing services into cyberspace has surpassed the speed of development of appropriate security standards and technologies for FinTech. Hence, these new technologies remain ripe for attackers to profit from.

Key Terms in this Chapter

Social engineering: Tricking human users and relying on their actions to gain access to restricted information or systems, e.g., calling an employee pretending to be the human resource department and getting them to grant access to their private documents.

Privilege-Escalation: The steps through which a lower-privileged user is able to temporarily elevate privileges and carry out actions that are only permitted to higher-privileged users; for example, an IT employee may not ordinarily be privileged to disable a firewall but is able to do so by exploiting some vulnerability.

Phishing: Fake communication that pretends to be from a legitimate source and intends to trick the receivers into divulging private information (e.g., a fake email pretending to be from a bank, intended to trick bank customers into sharing their online banking credentials).

Insider: Someone who is either permanently or temporarily affiliated with the organization (e.g., a permanent employee or a temporary contractor), affiliated with someone in the organization, e.g., an employee’s family member or client, or has gained temporary access to the organization’s internal network, e.g., a remote attacker who has obtained an employee’s credentials to remotely log into an internal system.

Insider Attack: An attack that originates from within the organization’s internal network.

Crypto-Currency: A digital currency that is not centrally managed by any government or any other authority, in which transaction records are verified and maintained essentially by the public, through a completely decentralized system based on cryptography.

Fintech: Financial technology, a term that covers the use of technology in financial services organizations to reduce costs, increase efficiency, improve customer service, or automate and facilitate routine procedures.

Blockchain: A distributed ledger that maintains records of digital transactions (e.g., money transfer events, sale or service events, etc.) using a peer-to-peer network of user machines rather than relying on a central authority or server, and which uses cryptography for security.
