Vietnam National University, Hanoi - University of Economics and Business
GROUP ASSIGNMENT
What is cyber security? Cybersecurity-related issues in digital banking in Vietnam and solutions to reduce possible risks
Supervising lecturer: MSc. Hà Quỳnh Mai
Prepared by:
Nguyễn Mạnh Chiến 21050394 QH-2021-E TCNH CLC 3
Võ Hoài Anh 21050380 QH-2021-E TCNH CLC 3
Phạm Thị Hồng Hạnh 21050426 QH-2021-E TCNH CLC 3
Lê La Hằng 20050435 QH-2020-E TCNH CLC 3
Hanoi, 10/2023
Contents
I Introduction to Cybersecurity 3
1 Definition 3
2 Types of cybersecurity 3
3 Types of common Cyberattacks: based on the method of attack 4
II Cybersecurity-related issues in digital banking in Vietnam and solutions to reduce possible risks 5
1 Issues related to cybersecurity in digital banking in Vietnam 5
2 Solutions to minimize cybersecurity risks in digital banking 6
2.1 Solution for regulatory agencies 6
2.2 Solution for banks 6
2.3 Solutions for customers 7
Case study of BIDV 7
I Introduction to Cybersecurity
1 Definition
Cybersecurity refers to measures taken to protect Internet-connected devices, networks, and data from unauthorized digital access and criminal use. Additionally, cybersecurity ensures the confidentiality, integrity, and availability of data over its entire life cycle.
Cybersecurity applies to both software and hardware, as well as information on the Internet. It can protect everything from personal information to complex government systems.
2 Types of cybersecurity
- Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.
- Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it is designed to protect. Successful security begins in the design stage, well before a program or device is deployed.
- Information security protects the integrity and privacy of data, both in storage and in transit.
- Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.
- Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources.
- End-user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization.
3 Types of common Cyberattacks: based on the method of attack
- Phishing: occurs when an email or text appears to be sent from a reputable source. The goal of phishing is to trick the recipient into sharing sensitive information like credit card details and login credentials, or to install malware on the victim's machine. Phishing is one of the most common attacks on consumers.
- Malware attack: malware is malicious software intended to cause damage to a computer or network. Types of malware include viruses, worms, spyware, and ransomware. Malware can find its way onto computers when a user clicks a link or email attachment that installs malicious software.
- Eavesdropping attack (man-in-the-middle attack): a hacker intercepts, deletes, or modifies data as it is transmitted over a network by a computer, smartphone, or another connected device. Cybercriminals take advantage of unsecured network communications to access data as a user sends or receives it.
- Password attack: one of the easiest ways to break into a system. A customer's password can be cracked either by trying common passwords or by trying all possible alphabetical combinations.
- SQL injection: an SQL (Structured Query Language) injection is a type of cyber-attack used to take control of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven applications to insert malicious code into a database via a malicious SQL statement. This gives them access to the sensitive information contained in the database.
- Denial-of-Service attack (DoS): targets devices, information systems, and other network resources to prevent legitimate users from accessing services and resources. This is typically accomplished by flooding the server and host with traffic to the point that it becomes inoperable or crashes. DoS attacks are system-on-system attacks, meaning they originate from a single location and target a single system.
- Distributed Denial-of-Service attack (DDoS): similar to DoS, but the attack comes from multiple remote machines (zombies or bots). These attacks can be deployed much faster and with more traffic than DoS attacks, so they are typically harder to detect than DoS attacks. This is one of the biggest cybersecurity threats to the banking industry.
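The SQL injection entry above describes an application that lets user input become part of a database statement. The following is an added example, not code from the report or from any bank it discusses: a login lookup written the vulnerable way next to its parameterized fix, against an in-memory SQLite table with constructed sample rows (table, rows and function names are all assumptions for the demonstration).

```python
# Added example (not from the original report): the SQL injection bullet above,
# shown as a vulnerable login lookup next to its parameterized fix. The schema,
# the rows and the login functions are constructed for illustration only.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build an in-memory customer table with constructed sample rows.
    Passwords are stored in clear here only to keep the demo short; a real
    system stores salted password hashes and never the password itself."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (username TEXT, password TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?, ?)",
        [("alice", "correct horse", 1200), ("bob", "battery staple", 300)],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Builds the statement by string formatting: attacker-controlled text
    becomes part of the SQL grammar, which is the defect the report describes."""
    sql = (
        "SELECT username, balance FROM customers "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchall()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Uses a parameterized query: the driver passes values separately from the
    statement text, so quotes or keywords inside the input stay plain data."""
    sql = "SELECT username, balance FROM customers WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# Constructed login input whose "password" field closes the quoted literal and
# appends an always-true condition (the textbook tautology pattern).
INJECTED_PASSWORD = "x' OR '1'='1"


def demo():
    conn = make_db()
    leaked = login_vulnerable(conn, "alice", INJECTED_PASSWORD)  # every row matches
    blocked = login_safe(conn, "alice", INJECTED_PASSWORD)       # no row matches
    legit = login_safe(conn, "alice", "correct horse")           # genuine login
    return leaked, blocked, legit


if __name__ == "__main__":
    leaked, blocked, legit = demo()
    print("vulnerable lookup returned:", leaked)     # both customers' rows
    print("parameterized lookup returned:", blocked)  # []
    print("legitimate login returned:", legit)        # [('alice', 1200)]
```

The vulnerable version returns every customer because the injected text turns the WHERE clause into `(username = 'alice' AND password = 'x') OR '1'='1'`; the parameterized version compares the whole string as a password value and matches nothing.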
II Cybersecurity-related issues in digital banking in Vietnam and solutions to reduce possible risks
Vietnam is currently ranked 21st in the world in terms of phishing attacks, with 673,743 attacks recorded in 2020. More than 50% of cyberattacks are aimed at banks and financial institutions; in 2020, banks lost nearly 100 billion Dong from 4,000 cyber-attacks, with one bank suffering a loss of up to 44 billion Dong.
1 Issues related to cybersecurity in digital banking in Vietnam
Some issues related to cybersecurity in digital banking in Vietnam include:
- Violating the law in card payment activities; attacking and exploiting security holes; using cyberspace to fraudulently appropriate property; loan sharking through applications; using fake BTS (Base Transceiver Station) devices.
- Cyber fraud crimes are increasing, especially those of transnational criminal organizations led by foreigners, which have used many sophisticated and professional methods and tricks: connecting with domestic entities to collect payment accounts for receiving and transferring money in violation of the law (with signs of money laundering), and using the virtual currency USDT and similar forms to launder money and transfer it abroad, causing great property damage to people and affecting the reputation of the banking industry.
- Common fraud tricks of criminals: impersonating the Police, Procuracy, Taxation, and Social Insurance agencies and asking victims to install fake applications on their phones (VssID, VNeID, eTax Mobile, ...), silently controlling the phone, and performing money transfer transactions to misappropriate funds. After the victim transferred money, the appropriators transferred it abroad through virtual currency. Criminals also set up websites impersonating employees of banks and financial companies, posting advertisements for quick and easy loan procedures and requiring payment of fees in order to appropriate assets.
- In addition, in recent years, artificial intelligence (AI) has exploded, leading to new forms of fraud using deepfakes. Fraudsters can take over a relative's social network account, then make a video call with the same face and voice as the relative or friend, and then request a money transfer.
2 Solutions to minimize cybersecurity risks in digital banking
Below are some specific solutions that banks and customers can apply to minimize cybersecurity risks in digital banking:
2.1 Solution for regulatory agencies
1 Promoting the IT security incident response network: The government should continue to support the operation of the network that coordinates the response to IT security incidents in the banking sector.
2 Supervising and urging credit institutions: The government should monitor and encourage credit institutions to implement safety and security solutions for online and card payment transactions.
3 Applying an IT risk assessment framework: The government should apply an IT risk assessment framework according to international practices to evaluate the cybersecurity readiness of credit institutions and payment intermediaries.
4 Improving the legal framework: The government should research and apply international standards and practices on information system security in the legal documents that govern the IT application activities of credit institutions and payment intermediaries.
2.2 Solution for banks
Increase investment in cybersecurity: Banks need to invest heavily in cybersecurity, including:
1 Conduct regular security assessments: Banks should conduct regular security assessments to identify weaknesses and potential threats. This will help them take proactive measures to prevent cyber attacks.
2 Implement strong authentication and access controls: Banks should implement strong authentication and access controls to protect their systems from unauthorized access. This includes multi-factor authentication, password policies, and access controls.
3 Keep software and systems up to date: Banks should keep their software and systems up to date with the latest security patches and updates. This will help prevent weaknesses from being exploited by cyber criminals.
4 Implement data encryption: Banks should implement data encryption to protect sensitive information from being intercepted by cyber criminals. This includes encrypting data at rest and in transit.
5 Provide cybersecurity awareness training: Banks should provide cybersecurity awareness training to their employees to help them identify potential threats and take appropriate action.
6 Partner with trusted cybersecurity providers: Banks should partner with trusted cybersecurity providers to help them identify and mitigate potential threats.
7 Develop and test an incident response plan: Banks should develop and test an incident response plan to ensure that they are prepared to respond to a cyber attack.
8 Monitor networks and systems: Banks should monitor their networks and systems for potential threats and take appropriate action to prevent cyber attacks.
2.3 Solutions for customers
1 Increase awareness of cybersecurity: Customers need to increase their awareness of cybersecurity and take measures to protect personal information and bank accounts. For example, customers need to choose strong passwords and change them regularly.
2 Do not disclose account information to others.
3 Be careful with strange emails and messages.
4 Download banking apps from trustworthy sources.
5 Security measures: Customers should use the security measures provided by the bank, such as two-factor authentication, security keys, and so on.
In short, ensuring cybersecurity in digital banking is an important task for both banks and customers. By implementing the right solutions, stakeholders can reduce risks and ensure protection.
Case study of BIDV
BIDV, a prominent digital banking provider in Vietnam, faces an increase in phishing attacks targeting its customers. Cybercriminals send deceptive emails and messages impersonating the bank, urging customers to click on malicious links and provide sensitive information, such as account credentials and personal details. Many customers fall victim to these scams. BIDV is one of the pioneering banks in digital transformation in Vietnam. However, in recent years, this bank has also encountered many network security problems.
In 2022, BIDV was the target of a number of phishing attacks, including:
● Phishing emails: BIDV customers received phishing emails that appeared to be from the bank. The emails contained links to fake BIDV websites that looked like the real websites. When customers entered their login credentials on the fake websites, their information was stolen by the attackers.
● Smishing attacks: BIDV customers received smishing messages that appeared to be from the bank. The messages contained links to fake BIDV websites or malicious apps. When customers clicked on the links or downloaded the apps, their devices were infected with malware that stole their banking credentials.
● Vishing attacks: BIDV customers received vishing calls that appeared to be from the bank. The callers asked customers for their personal information, including their banking credentials.
Impact
● Financial Losses: Phishing attacks often aim to gain unauthorized access to users' accounts and financial information. Once successful, attackers can initiate unauthorized transactions, leading to direct financial losses for both the affected customers and the digital bank.
● Compromised Personal Information: Phishing attacks may result in the theft of sensitive personal information such as usernames, passwords, and account details. This compromised data can be exploited for identity theft or fraud, or even sold on the dark web, posing a long-term risk to the affected individuals.
● Reputational Damage: Successful phishing attacks can erode the trust that customers place in the digital banking platform. A compromised reputation can lead to customer attrition, as users may choose to switch to more secure alternatives, affecting the bank's market share and overall standing in the industry.
● Operational Disruption: Phishing attacks may not only target customers but also internal staff. If employees inadvertently fall victim to phishing attempts, it can lead to unauthorized access to internal systems, operational disruptions, and potential data breaches within the digital banking infrastructure.
● Legal and Regulatory Consequences: Data breaches resulting from phishing attacks may expose digital banks to legal and regulatory consequences. Non-compliance with data protection regulations can lead to severe penalties, lawsuits, and damage to the institution's standing in the eyes of regulators and authorities.
● Customer Trust Erosion: Customers expect digital banks to provide secure and reliable services. When phishing attacks occur and accounts are compromised, it undermines the trust customers place in the institution. Restoring this trust can be a challenging and time-consuming process.
● Increased Operational Costs: Banks may face increased operational costs in investigating and mitigating the aftermath of phishing attacks. This includes investing in cybersecurity measures, conducting forensic analyses, and implementing improvements to prevent future incidents.
● Loss of Competitive Advantage: The ability to assure customers of the security of their transactions and data is a competitive advantage. Phishing attacks can diminish this advantage, potentially leading to a loss of customers to competitors who are perceived as more secure.
Solutions
To address these issues, BIDV has implemented strong security measures to limit phishing attacks. Here are some solutions:
● Multi-Factor Authentication (MFA):
BIDV requires all customers to use multi-factor authentication to log in to their accounts. This makes it more difficult for attackers to gain access to customer accounts, even if they have stolen the customer's login credentials.
BIDV Smart OTP is a new transaction confirmation method that applies the most modern and advanced security technology available today, with many outstanding advantages such as:
- More secure and safe, with a unique OTP number generated for each transaction
- Convenient and easy, as the application is pre-installed on the phone and can produce the OTP code even when the device has no online connection
- No need to carry a Token Key when traveling or working abroad, no need for roaming, and usable even when the phone signal is lost
In addition, with Cross Login technology, when customers log in on the web browser, the system automatically sends a notification to the mobile application and waits for the customer to confirm before allowing the login to succeed.
● Educate Users:
BIDV also always provides information to digital banking users on how to recognize phishing attempts and on the importance of not sharing sensitive information online, through notifications in the SmartBanking application.
● Customer Support Verification:
BIDV also launched two new services: a customer support service via chat channel and an automatic lookup service via IVR switchboard, to support answering all customer questions related to banking transactions.
● Transaction Alerts:
In addition, BIDV also enables the transaction alert feature to notify users of any activity on their account, helping them quickly identify unauthorized transactions.
● Biometric Authentication:
Implement biometric authentication methods (fingerprint, facial recognition) to enhance security and make it more difficult for attackers to gain unauthorized access.
● Regular Software Updates:
Keep all software components of the digital banking platform up to date, including web servers, databases, and third-party libraries, to patch known vulnerabilities.
● Secure Development Practices:
BIDV always follows secure encryption measures during the development of the digital banking platform to minimize the risk of vulnerabilities and stay compliant with relevant regulatory standards and guidelines for digital banking security.
● Customer Feedback Loop:
Establish a feedback loop with customers to report phishing attempts or suspicious activities, and use this information to enhance security measures.
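The Smart OTP description in the MFA section above lists two properties: a unique OTP for each transaction, and generation on the phone without a network connection. The following added example (not code from the report, and not BIDV's actual algorithm, which the report does not describe) shows how an HMAC over a phone-held secret together with the transaction details gives both properties, and why a code phished for one transfer cannot confirm a different one; the secret, counter, digit count and transaction fields are constructed assumptions.

```python
# Added example (not from the original report and not BIDV's own scheme):
# a transaction-bound OTP in the spirit of the Smart OTP properties above.
# The secret, counter, amount and beneficiary below are constructed values.
import hashlib
import hmac
import struct


def transaction_otp(secret: bytes, counter: int, amount: int,
                    beneficiary: str, digits: int = 6) -> str:
    """Derive an OTP from the phone-held secret AND the transaction details.
    Nothing here needs a network connection, so it works offline. Because the
    transaction fields are part of the HMAC input, a code produced for one
    transfer is useless for any transfer with different details."""
    msg = struct.pack(">Q", counter) + struct.pack(">Q", amount) + beneficiary.encode("utf-8")
    mac = hmac.new(secret, msg, hashlib.sha256).digest()
    # Dynamic truncation in the style of HOTP (RFC 4226): pick 4 bytes at an
    # offset given by the low nibble of the last byte and drop the sign bit.
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def server_verify(secret: bytes, counter: int, amount: int,
                  beneficiary: str, submitted: str) -> bool:
    """Bank side: recompute the code from the transaction the bank actually
    received and compare in constant time. If an attacker altered the amount or
    beneficiary in transit, the recomputed code no longer matches."""
    expected = transaction_otp(secret, counter, amount, beneficiary)
    return hmac.compare_digest(expected, submitted)


# Constructed demo secret; in practice it is provisioned once into the app at enrolment.
DEMO_SECRET = b"constructed-demo-secret-do-not-reuse"


def demo():
    # The customer confirms a 500,000 VND transfer to account "0123456789" (constructed).
    otp = transaction_otp(DEMO_SECRET, counter=7, amount=500_000, beneficiary="0123456789")
    honest = server_verify(DEMO_SECRET, 7, 500_000, "0123456789", otp)
    # The same OTP, captured by a phisher and submitted for a transfer to a
    # different beneficiary, fails because the HMAC input differs.
    tampered = server_verify(DEMO_SECRET, 7, 500_000, "9999999999", otp)
    # Replaying it after the counter has advanced also fails.
    replayed = server_verify(DEMO_SECRET, 8, 500_000, "0123456789", otp)
    return honest, tampered, replayed


if __name__ == "__main__":
    print("honest, tampered, replayed =", demo())  # (True, False, False)
```

A plain login OTP that is not bound to the transaction would pass the tampered check, which is the gap a per-transaction code closes.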
By combining these solutions, BIDV can create a robust defense against phishing attacks, protecting both the institution and its customers. This case study highlights the critical importance of cybersecurity in digital banking in Vietnam and underscores the need for financial institutions to