Project on Project on Internet Banking - Report of RBI Working Group
Internet Banking - Technology

Security and Privacy Issues - Attacks and Compromises

When a bank’s system is connected to the Internet, an attack could originate at any time from anywhere. Some acceptable level of security must be established before business on the Internet can be reliably conducted. An attack could be any form like:

• The intruder may gain unauthorized access and nothing more

• The intruder gains access and destroys, corrupt or otherwise alters data.

• The intruder gains access and seizes control partly or wholly, perhaps denying access to privileged users

• The intruder does not gain access, but instead forges messages from your system

• The intruder does not gain access, but instead implements malicious procedures that cause the network to fail, reboot, and hang.

Modern security techniques have made cracking very difficult but not impossible. Further more, if the system is not configured properly or the updated patches are not installed then hackers may crack the system using security hole. A wide range of information regarding security hole and their fixes is freely available on the Internet. System administrator should keep himself updated with this information.

Common cracking attacks include

• E-mail bomb and List linking

• Denial-of-Service

• Sniffer attack

• Utilizing security hole in the system software

E-mail Bomb: This is a harassment tool. A traditional e-mail bomb is simply a series of message (perhaps thousands) sent to your mailbox. The attacker’s object is to fill the mailbox with junk

Denial-of-Service (DoS) attacks: DoS attacks can temporarily incapacitate the entire network(or at least those hosts that rely on TCP/IP). DoS attacks strike at the heart of IP implementations. Hence they can crop up at any platform, a single DoS attack may well work on several target operating systems. Many DoS attacks are well known and well documented. Available fixes must be applied.

Sniffer Attack Sniffers are devices that capture network packets. They are a combination of hardware and software. Sniffers work by placing the network interface into promiscuous mode. Under normal circumstances, all machines on the network can "hear" the traffic passing through, but will only respond to data addressed specifically to it. Nevertheless, if the machine is in promiscuous mode then it can capture all packets and frames on the network. Sniffers can capture passwords and other confidential information. Sniffers are extremely difficult to detect because they are passive programs. Encrypted session provides a good solution for this. If an attacker sniffs encrypted data, it will be useless to him. However, not all applications have integrated encryption support.

Holes: A hole is any defect in hardware, software or policy that allows attackers to gain unauthorized access to your system. The network tools that can have holes are Routers, Client and Server software, Operating Systems and Firewalls.