Cyber Security Attack On The Customers Of The Tesco Bank - Samples

Question: Discuss about the Cyber Security Attack On Tesco Bank. Answer: Information Security Incident Assessment Recently, there have been a large number of security attacks on the financial service providers. The bank has more than seven million bank customers and more than 4,000 staff members. The bank was founded in 2008, an initiated as a joint venture between Royal Bank of Scotland and Tesco Bank. It operates in various countries of Europe. In 2016, the bank observed suspicious activities and found that a significant amount of money is being transferred from the bank accounts of customers to Caribbean or accounts in Brazil and Argentina. As a result, about 40,000 bank accounts were frozen as the money was taken from 20,000 bank customers. In addition to it, total 2.400 pounds were taken from different accounts of the customers. The bank was victimized due to an online criminal activity. After the careful analysis of the security breach, it was identified that there were less chances of a remote security attack. The security stem of the organization is robust and there are minimal chances that a third party will intrude the organizations system. Moreover, the company as implemented a robust security system; therefore, it is not possible that the hackers were successful in obtaining the personal information and the account numbers of the account holders. Further investigation re vealed that the security breach was conducted by the staff members of the company (Amoroso, 2012). It was revealed that the intrusion attack was a result of process or management control where the information is shared in a negligent manner. It means that the organization neglected the privacy and the security of the members (Osborne, 2016). The company investigated its offshore or outsourcing operations as they may have resulted in the leakage of information. It might be a possibility that an offshore employee of the company might have been offered a large amount of money in lieu of customer data. However, the company needs to investigate whether the security breach was due to ill intent or incompetence of the employees. It can also be critiqued that most often security attacks were due to people. They are the most vulnerable link to an organization as a business organization cannot control them. It is very difficult to hack a system without any internal assistance. Most often, cus tomers also neglect their security and do things like reusing their passwords or clicking on random links which breach their privacy (BBC, 2016). The customers identified that there is some problem in their account as the current account holders were unable to make payment on online mediums. People were unable to login into their account. In addition, they were unable to login or make any sort of consumer compliant on the main website or the consumer platforms (Johnson, 2015). Incident Strategy When the company realized unusual activities in its banking system, it froze the bank accounts of about 40,000 customers. It also filed a case with the National Security Agency and tried to investigate the actual vulnerability which led to the intrusion. It was identified that the most vulnerable part of the security system of an organization is its human resources. An organization cannot control the behavior of its people and; therefore, it is important to control the information access to different people. In addition to the security audits, the company also made provision to compensate the customers. The Bank stated that it will refund all the money to the account holders as soon as possible. It has also made provisions to cover any financial loss resulting from the fraud. It has broadcasted the message that all the customers need to change their security passwords. As the security attack occurred due to third party intrusion, it is important to change the security passwords. The attackers may have the security passwords and use them for future attacks. The company should also assure that the people make strong security passwords (Rodger, 2016). The company also advised its customers that they should not use the same security details in other accounts. If a user has same passwords for different accounts, it increases the hacking risk by manifolds. In order to retain its current customers and increase customer loyalty, the company has also started giving a higher interest rate on its sales account. It has also assured its customers that no security breach will occur and the security system of the organization will be improved. As a precautionary measure, a large number of bank accounts were immediately locked. Conclusion It can be concluded that the cyber-crime is very prevalent today. A large number of business organizations are suffering cyber-attacks. In the same manner, Tesco suffered from a cyber-attack in which the login details and the privacy of several customers were compromised. The company undertook several measures to minimize the impact of the security breach. It immediately froze several of the accounts of the customers and filed a report with the National Security Agency. It should also minimize the access of the employees to the sensitive information of the organization so that no security breach occurs in the future. References Amoroso, E. (2012). Cyber Attacks: Protecting National Infrastructure, STUDENT EDITION. Elsevier. BBC. (2016). Tesco Bank customers lose money to 'fraudsters'. [Online]. Available at: https://www.bbc.com/news/business-37888327 [Accessed on: 30 July 2017]. Johnson, T.A. (2015). Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare. CRC Press. Osborne, H. (2016). Tesco Bank fraud: key questions answered. The Guardian. [Online]. Available at: https://www.theguardian.com/money/2016/nov/07/tesco-bank-fraud-key-questions-answered-suspicious-transactions-40000-accounts [Accessed on: 30 July 2017]. Rodger, J. (2016). Thousands of Tesco Bank customers lose money in hack - what to do if you are affected. Birmingham Mail. [Online]. Available at: https://www.birminghammail.co.uk/news/midlands-news/thousands-tesco-bank-customers-lose-12138742 [Accessed on: 30 July 2017].