Cyberattack Risk Assessment in Electronic banking Technologies (the Case of Software Implementation)

The authors investigate the risks of computer attacks on automated banking systems. The relevance of the study is due to the need to revise the approaches to risk assessment based on the technical components of banking business processes and the consequences of cyber-attacks aimed at banking automated systems in credit institutions. The aim of the study is to describe the developed methods for assessing cyber risks in a commercial bank and provide an option for assessing the risks of information security violations in electronic banking technologies. The methodology of the article includes the analysis of domestic and foreign literature on the research topic, the theoretical and probabilistic method of calculation, computer programming and graphic interpretation of information. The authors analysed the operational risk of a commercial bank to develop components of the operational risk management system in the context of developing electronic banking technologies. They designed a computer program to quantify risk probabilities of cyberattacks on electronic banking technologies (by means of Borland Delphi). The work presents a formalised probabilistic model for determining the most vulnerable segment of risk management techniques used by information security structures. The conclusion is that it is possible to develop a software package based on a mathematical model that reduces the number of checks of risk factors by several times. The research results may be of further use for the development of risk divisions in credit institutions using electronic banking technologies.

1. King B. Bank 4.0: Banking everywhere, never at a Bank. Singapore: John Wiley & Sons Ltd; 2018. 352 p.

2. Skinner C. Digital human: The fourth revolution of humanity includes everyone. Singapore: Marshall Cavendish International (Asia) Pte Ltd; 2018. 400 p.

3. Revenkov P. V., Berdyugin A. A. Method of quantifying the risk of cyberattacks in the context of electronic banking. Bankovskoye delo = Banking. 2020;7:32-37. (In Russ.).

4. Salihu A., Metin H., Hajrizi E., Ahmeti M. The effect of security and ease of use on reducing the problems/ deficiencies of Electronic Banking Services. IFAC-PapersOnLine. 2019;52(25):159-163. DOI: 10.1016/j.ifacol.2019.12.465

5. Kleijmeer R., Prenio J., Yong J. Varying shades of red: How red team testing frameworks can enhance the cyber resilience of financial institutions. Financial Stability Institute. FSI Insights on Policy Implementation. 2019;(21). URL: https://www.bis.org/fsi/publ/insights21.pdf (accessed on 20.05.2020).

6. Konyavskii V. A., Revenkov P. V., Frolov D. B. et al. Cybersecurity in the conditions of electronic banking: Practical guide. Moscow: Prometei; 2020. 520 p. (In Russ.).

7. Berdyugin A. A., Revenkov P. V. Approaches to measuring the risk of cyberattacks in remote banking services of Russia. IT Security. 2019;26(4):83-92. DOI: 10.26583/bit.2019.4.06

8. Skorodumova O. B., Skorodumov B. I., Matronina L. F. Components of the quality of information security. Natsional’naya bezopasnost’/ nota bene = National Security / nota bene. 2018;(2):1-9. (In Russ.).

9. Vasilieva E. V., Solyanov K. S., Konevtseva T. D. Adaptive data warehouse as the technological basis of the banking ecosystem. Finansy: teoriya i praktika = Finance: Theory and Practice. 2019;24(3):132-146. (In Russ.). DOI: 10.26794/2587-5671-2019-24-3-132-146

10. Flenov M. E. The Delphi Bible. St. Petersburg: BHV-Petersburg; 2011. 688 p. (in Russ.).

11. Kozminykh S. I. The use of computer simulation for staff training at the facilities of fuel and energy complex. Informatsionnye resursy Rossii = Information Resources of Russia. 2019;(3):2-8. (In Russ.).

12. Lee L. Cybercrime has evolved: It’s time cyber security did too. Computer Fraud & Security. 2019;2019(6):8-11. DOI: 10.1016/S1361-3723(19)30063-6

13. Gisin V. B., Slavin B. B. et al. Paradigms of the digital economy: Artificial intelligence technologies in finance and fintech. Moscow: Cogito-Centre; 2019. 326 p. (In Russ.).

14. Nikkel B. Fintech forensics: Criminal investigation and digital evidence in financial technologies. Forensic Science International: Digital Investigation. 2020;33:200908. DOI: 10.1016/j.fsidi.2020.200908

15. Krylov G. O. Improving decision-making processes when processing big data in the Federal Financial Monitoring Service. Modern mathematics and concepts of innovative mathematical education. 2020;7(1):143-152.