Criminal infiltration of financial institutions: a penetration test case study

Document

Cited in

DOI	https://doi.org/10.1108/13685201011010218
Date	05 January 2010
Published date	05 January 2010
Pages	55-65
Author	Jerry Hart

Criminal inf‌iltration of f‌inancial

institutions: a penetration

test case study

Jerry Hart

i2 Ltd, Cambridge, UK

Abstract

Purpose – The purpose of this paper is to discuss the f‌indings of a security research project

commissioned by a f‌inancial institution to identify security breaches that could facilitate illicit access

to conf‌idential information.

Design/methodology/approach – Using penetration and social engineering techniques to generate

opportunities to steal conf‌idential data, the project simulates a possible criminal attack.

Findings – The f‌indings expose a vulnerability to attack by professional criminals or others

prepared to use kidnap, blackmail and intimidation.

Social implications – They also raise challenging questions about reconciling the human rights of

both employees and clients, and the needs and responsibilities of f‌inancial institutions as employers,

service providers and custodians of conf‌idential information.

Originality/value – The paper is unique as it tackles the phenomenon of social networking sites

from the risk perspective of any employer that needs to safeguard its assets by managing internal

threats and protecting against criminal inf‌iltration.

Keywords Financial institutions, Crimes, Datasecurity, Human rights, Social networks

Paper type Case study

Introduction

This case study is extracted from a series of projects the author undertook in late

2005, while working as a private security consultant specialising in testing the

integrity of security procedures, policy and strategy for both public and private sector

organisations. The client for this particular study was a private bank that specialised

managing the personal f‌inances of high net-worth individuals. Based in the capital city

of a European country, its customers included celebritie s, politicians, sports

personalities and numerous high-prof‌ile business people engaged in interna tional

commerce. For reasons of conf‌identiality, the bank’s name and those of its empl oyees

are totally anonymized in this paper, as is their location.

The paper will begin by explaining the rationale for the project. This will explain its

mission and aims and provide an overview of the necessary constraints. It will go on to

outline the methodology, which consisted almost entirely of desktop research – the

remoteness of which is a signif‌icant factor for those seeking to understand the nature of

the threats the project explored. It will then present the research f‌indings, which raise

some important and challenging questions about a delicate triangular balance – if such

The current issue and full text archive of this journal is available at

www.emeraldinsight.com/1368-5201.htm

This paper was presented at the 27th Cambridge International Symposium on Economic Crime

in a session entitled “Terrorist inf‌iltration of f‌inancial institutions”. While this paper focussed on

criminal inf‌iltration, the tactics and techniques discussed could be used regardless of the

motivation of the offenders.

Inf‌iltration

of f‌inancial

institutions

Journal of Money Laundering Control

Vol. 13 No. 1, 2010

pp. 55-65

qEmerald Group Publishing Limited

1368-5201

DOI 10.1108/13685201011010218

Get this document and AI-powered insights with a free trial of vLex and Vincent AI

Get Started for Free

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database
Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength
Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities
Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Criminal infiltration of financial institutions: a penetration test case study

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial of vLex and Vincent AI, Your Precision-Engineered Legal Assistant

Access comprehensive legal content with no limitations across vLex's unparalleled global legal database

Build stronger arguments with verified citations and CERT citator that tracks case history and precedential strength

Transform your legal research from hours to minutes with Vincent AI's intelligent search and analysis capabilities

Elevate your practice by focusing your expertise where it matters most while Vincent handles the heavy lifting

Start Your Free Trial