Criminal infiltration of financial institutions: a penetration test case study
Purpose – The purpose of this paper is to discuss the findings of a security research project commissioned by a financial institution to identify security breaches that could facilitate illicit access to confidential information. Design/methodology/approach – Using penetration and social engineering techniques to generate opportunities to steal confidential data, the project simulates a possible criminal attack. Findings – The findings expose a vulnerability to attack by professional criminals or others prepared to use kidnap, blackmail and intimidation. Social implications – They also raise challenging questions about reconciling the human rights of both employees and clients, and the needs and responsibilities of financial institutions as employers, service providers and custodians of confidential information. Originality/value – The paper is unique as it tackles the phenomenon of social networking sites from the risk perspective of any employer that needs to safeguard its assets by managing internal threats and protecting against criminal infiltration.
Year of publication: |
2010
|
---|---|
Authors: | Hart, Jerry |
Published in: |
Journal of Money Laundering Control. - Emerald Group Publishing Limited, ISSN 1758-7808, ZDB-ID 2094548-6. - Vol. 13.2010, 1, p. 55-65
|
Publisher: |
Emerald Group Publishing Limited |
Subject: | Financial institutions | Crimes | Data security | Human rights | Social networks |
Saved in:
Online Resource
Saved in favorites
Similar items by subject
-
Developing financial intelligence: an assessment of the FIUs in Australia and India
Sathye, Milind, (2007)
-
An analysis of advance fee fraud on the internet
Chang, Joshua J.S., (2008)
-
Cybercriminal impacts on online business and consumer confidence
Smith, Alan D., (2004)
- More ...