Project

Cybercrime Regarding Financial Transfers

Updates
0 new
0
Recommendations
0 new
0
Followers
1 new
2
Reads
0 new
66

Project log

Mircea Constantin Scheau
added a research item
Given the realities that we are experiencing in the Ukraine crisis, with military and financial-banking implications, the need to develop and implement an early warning platform in case of crisis or disasters has arisen. This work addresses this need, with expertise in defence and security, financial-banking and cybersecurity domains, and creates a platform specialized in identifying and evaluating early warning indices for crisis management. The goal is to provide state-of-the-art early warning systems that help the population at risk to avoid crisis situations, while serving as decision support tools for various authorities (Ministry of Defence, Ministry of Internal Affairs, Intelligence Services, Financial-banking systems) when confronted with a crisis situation similar to the one from Ukraine.
Mircea Constantin Scheau
added a research item
Given the realities that we are experiencing in the Ukraine crisis, with military and financial-banking implications, the need to develop and implement an early warning platform in case of crisis or disasters has arisen. This work addresses this need, with expertise in defence and security, financial-banking and cybersecurity domains, and creates a platform specialized in identifying and evaluating early warning indices for crisis management. The goal is to provide state-of-the-art early warning systems that help the population at risk to avoid crisis situations, while serving as decision support tools for various authorities (Ministry of Defence, Ministry of Internal Affairs, Intelligence Services, Financial-banking systems) when confronted with a crisis situation similar to the one from Ukraine.
Mircea Constantin Scheau
added a research item
Topics related to cybercrime are debated with interest, which proves the impact felt by domestic users, business environment and international organisations. Even if the approach should be fairly straightforward, with reference to respecting traditional values, reality tends to contradict. The parameters that allowed us to evaluate and classify, according to the old models, a crime against the public or private domain, are modified. On the horizontal axis the time compresses, the space expands, the access points occupy distributed quadrants and the interconnected paths deepen. On the vertical axis we notice that the elements "gender and age" falls within a particularly generous range. Children or adolescents, young people, adults or those who follow the route offered by the descending slope of the Gauss bell discover their abilities that allow them to be placed on either side of the barrier that separates the good from the bad. Too few of them remain in the obscure gray area of uncertainty. All of these imply an increase in the dynamicity of the risk assessment map, allow to quickly change the shades of the penetrability degrees from green to intense red and calls in response to force the permission limit to zero.
Mircea Constantin Scheau
added a research item
Odată cu extinderea semnificativă a spațiului virtual, utilizatorii din mediul online își împărtășesc din ce în ce mai multe informații personale și drept urmare, o cantitate enormă de date legate de identificare sau tranzacții financiare sunt expuse agresorilor cibernetici. Phishing-ul este unul dintre exemplele de criminalitate prin intermediul căruia infractorii își înșală victimele, cu scopul de a exploata ulterior elementele exfiltrate. De la primul atac raportat în 1990, metoda a evoluat, vectorii de livrare devenind deosebit de sofisticați. Articolul își propune evaluarea acestor acțiunii, identificarea și revizuirea tehnicilor existente. Sectorul financiar este una dintre principale ținte ale infractorilor cibernetici, care folosesc deseori atacurile de phishing pentru a ocoli protocoalele de securitate ale băncilor, cu scopul de a-și atrage victime și de a le convinge de legitimitatea e-mailului falsificat. Aceștia apelează la diverse trucuri de inginerie socială prin crearea de scenarii (actualizare falsă a contului, upgrade de securitate etc.) și tehnici specifice (imitarea imaginilor, logo-urilor și identității instituțiilor bancare etc.). Pentru că susceptibilitatea față de phishing variază în funcție de nivelul de conștientizare al utilizatorului, în majoritatea atacurilor infractorii cibernetici exploatează deseori natura umană, în locul utilizării tehnologiilor sofisticate. În consecință, deși protocoalele de siguranță sunt încorporate în site-urile și aplicațiile bancare, adesea elementul uman nu reușește să detecteze înșelătoria, în lipsa cunosțintelor elementare de etică digitală cu ajutorul cărora ar fi fost mai conștienți de posibilele riscuri, astfel încât intrușii să nu le fure bani și date personale sensibile. Acest articol conține informații destul de apropiate de zona tehnică și în aceeași măsură explicații pertinente referitoare la posibile modalități de diminuare a numarului de victime expuse atacurilor. 2. Etape ale unei campanii de phishing În etapa de inițiere a unui atac phishing, atacatorul trimite un e-mail fraudulos care se pretinde a proveni de la banca victimei solicitând destinatarului confirmarea detaliilor contului bancar, cu avertismentul că în caz de nefurnizare a informațiilor, contul poate fi suspendat. Utilizatorul poate considera email-ul ca fiind legitim, deoarece folosește aceleași elemente grafice, mărci comerciale și culori ca ale băncii reale. Datele colectate sunt transmise direct infractorului cibernetic, iar acesta le poate folosi ulterior pentru comiterea altor fraude, sau le poate revinde pe piața neagră.
Mircea Constantin Scheau
added a research item
The exponential increase in the advancements registered across all sectors of the information technology field gave a new, ever-expanding dimension to the idea of protesting against national governments by introducing political activism into cyberspace. Despite the apparent noble objectives, there is a thin line between hacking as a form of protest against the established order and cyber-criminal activity that can cause financial or material prejudice against organizations. This aspect outlines several dimensions of hacktivism which will be brought into discussion. Another interesting characteristic in hacktivist psychology is the pursuit of “digital clout” as a way to measure success: the more notorious a group becomes, the more attention it will get from the press alas the more successful it is. Even though it is a clear distinction between financially motivated threat actors and hacktivists, some shifts were observed in the cyber threat spectrum in the very politically charged context of war, with different groups which had a history of financially motivated cybercrime, joining the cyber conflict and engaging in hacktivist campaigns either on the one side or the other.
Mircea Constantin Scheau
added a research item
The technological advancements of the last couple of years combined with the unique situation created by the Covid-19 pandemic made the customer more open to the digitalization of several financial services and procedures in order to further reduce the need for face-to-face interaction. The financial technology companies found themselves in the position to leverage advancements in fields such as data analytics and artificial intelligence as well as the new financial paradigm brought by blockchain technology thus making technological innovation a top priority to meet these new customer needs. As the tendency of the financial sector as a whole to further embrace digitalization becomes more apparent, so does the protection of customer data become more complex as cyber-attack vectors increase in complexity aided by an ever-expanding attack surface. We argue that the rapid pace in which technological advancements are adopted in the financial services sector must be accompanied by responsible cyber security policies and regulations enforced from both the technological and human standpoints. We will provide an overview on the pace in which cybercrime in the financial sector grew in intensity as FinTech moved towards an end-to-end approach, the most common cyber threats which affect the financial sector as well as why cyber threat management should not be limited to a reactionary approach.
Mircea Constantin Scheau
added 3 research items
With the help of advanced technologies we want to have as much comfort as possible, but the advantages come with a series of rules that we must follow. It is not necessary to become specialists, but it is certainly necessary to keep ourselves informed about the dangers to which we are exposed. Otherwise, the price paid due to ignorance or superficiality may far exceed the darkest expectations. We can be a direct target, a collateral victim, or a valuable tool of malicious access in a certain context speculated or created by a hostile actor. It largely depends on us which position we choose. The impact can also be reflected in the direction of national security.
The purpose of this study is to evaluate the result of the decisions addressed in preventing and combating money laundering by Romania, together with the other member states of the European Union, following the regulations changes in the field. Against the background of technological developments and new threats, regulators have developed rules and procedures to prevent the exploitation of the financial system for the purpose of money laundering, with clear deadlines for transposition into national law. In order to determine the impact of the joint effort in the fight against money laundering, we analyzed the annual reports of European Financial Intelligence Units for 2018 and 2019 and the reports for the last ten years (2011-2020) of the National Office for Preventing and Combating Money Laundering in Romania. Based on the data from these reports, the study presents trends by using, inter alia, descriptive statistics. The results of our study draw attention to the increase in the number of reports of suspicious transactions, the number of cases sent for investigation to the competent authorities, the number of requests for information or dissemination of information to foreign FIUs, the volume of suspended transactions and amounts seized or confiscated by authorities. Although European Union Member States have responded to the obligation to transpose European directives, further steps are needed to create a common framework for action and reporting, so that the combined efforts have real results in line with the expectations of the European institutions. Through the results presented, the study supports governmental and non-governmental entities, highlighting the areas that need immediate attention.
This research identifies the ecosystem that facilitates technological innovations, especially in the financial field, beyond the new technologies themselves. In order to make the most of FinTech's potential, the system of institutional facilitators is analyzed, the need for the authorities to be involved in the development of innovation centers or sandbox structures. Beyond these institutional facilitators, we identify the need for a vision, a digital transformation strategy, architectures and integration components without which technological innovations are not sustainable, on the basis of which new business models are developed. The research is based on international reports and analyzes of prestigious authorities or companies, the approach starting from public studies and surveys. The conclusions prove the need for a managerial, integrated approach, starting from risks and not necessarily from technologies, identifying the need for public policies to support innovation to which one should add the effort of companies to structure integrated, agile, customer-oriented platforms, a framework oriented towards continuous change.
Mircea Constantin Scheau
added a research item
One approach for such a definition presents profiling as a way to collect from various sources, obtain, deduce, or predict information about groups or individuals. Such knowledge can be exploited to make decisions that can be later automated. Profiling can structure public and private information with different degrees of precision, including those that are highly sensitive, like personal data/ information. Therefore, the data collected about a person's behavior can be used to generate/ predict new information about the "real" identity, attributes, interests or "probable" personality of the target subject.In a world where some actions are constantly monitored, profiling raises serious questions and calls for urgent answers about privacy when private information can be deduced from larger or smaller seemingly trivial data sets. How do we ensure that profiling (and the decisions it generates) is legal, fair and nondiscriminatory? How can data subjects exercise their rights (especially the right to object to, or oppose automated decision-making) if the processing itself is nontransparent?
Mircea Constantin Scheau
added a research item
In the context of the SAR-CoV-2 pandemic, direct or indirect attacks on critical infrastructures have increased. The vectors of infection have diversified. Malware has become increasingly sophisticated. Cyber attackers try to hide their traces. In addition to the economic damage, their actions also result in the loss of human life. Fake news are distributed and exploited by attackers. Voluntary groups that join institutional efforts are the normal defense response of society. In this article, we will present a case study on an action directed against one of the groups of volunteers who have publicly committed themselves to fighting crime and protecting health infrastructure.
Achim Monica-Violeta
added a research item
In this paper we analyze the influence of technology on the level of the economic and financial crime, using data for 185 countries over the 2012–2015 time period and controlling for many important variables. First, we find that on average, the size of the economic and financial crime in low income countries is about double compared to that of high income countries, while their Research and development expenditure (as % of GDP) are about four times lower than in high income countries. We find clear evidence that increased technology reduces the size of the economic and financial crime. In addition, we find that Research and development expenditure (% of GDP) matter more in reducing the economic and financial crime in low income countries than they do in high income countries. Our main findings are generally stable after conducting some robustness checks. From a policy perspective, our study may prove to be of great use to decision makers of the states, to government and non-governmental enterprises and to potential investors within different markets. First published online 6 January 2021
Mircea Constantin Scheau
added a research item
Purpose-This paper aims to assess the effectiveness of anti money laundering in Romania and other European countries based on national Financial Intelligent Units dates. Design/Methodology/Approach/-Annual reports of 12 th European FIUs and reports from the last eight years of Romanian FIU are used to examine legal status, role and functions of national Financial Intelligent Units, suspicious transaction reports, suspended transactions, freezing order and seized funds and the volume of those funds as a results of fight against dirty money in each studied national economy. Relied on these, the paper evaluates the efficiency of fight against money laundering using descriptive statistics. Findings-The number of suspicious transactions reports (STR) received by anti money laundering national bodies and the volume of amount suspended, frozen or seized increased in the last period of time, as an effect of European Union measures and transposition of this in nationals' laws. For a comparative analysis and conclusions of the effectiveness and efficiency of anti-money laundering efforts in every country, a standardized data reporting model is certainly needed.
Mircea Constantin Scheau
added a research item
Technological and social developments lead to repositioning of criminal actions and adapted responses of Information Systems. On the invisible front, confrontations between national or international organizations and entities that are strictly economically motivated or supported by terrorist groups take place. The direct and indirect effects are difficult to predict due to the high degree of uncertainty of the phenomenon as a whole. The mobility of the relevant factors is quite high and that is why the algorithms use probabilistic models. The losses are quantified as a post factum effect of the events. The present study aims to present Data Mining and Analysis of possible impact that can be felt, starting from a review of actions against official institutions, transformations that occur in crises and finally, a set of proposals in support of alignment with common international standards.
Mircea Constantin Scheau
added a research item
Technological development brings about economic changes that affect most citizens, both in developed and undeveloped countries. The implementation of blockchain technologies that bring cryptocurrencies into the economy and everyday life also induce risks. Authorities are continuously concerned about ensuring balance, which is, among other things, a prudent attitude. Achieving this goal sometimes requires the development of standards and regulations applicable at the national or global level. This paper attempts to dive deeper into the worldwide operations, related to cryptocurrencies, as part of a general phenomenon, and also expose some of the intersections with cybercrime. Without impeding creativity, implementing suggested proposals must comply with the rules in effect and provide sufficient flexibility for adapting and integrating them. Different segments need to align or reposition, as alteration is only allowed in a positive way. Adopting cryptocurrency decisions should be unitary, based on standard policies.
Mircea Constantin Scheau
added 2 research items
Abstract: Billions of people have access to the online environment through which runs financial transfers or personal data. The boundaries of cybercrime are particularly diffuse. The critical areas are in the focus of the offenders. The balance of profits and losses can be seriously prejudiced if the directions of international bodies are ignored. Defensive systems can become casualties due to poor management or lack of investment. The phenomenon can be overcome only by a mature approach, one that is professional and that takes full responsibility. The article attempts to underline the role of the IT infrastructure in the light of technological evolution and some of the effects that can arise. The proposed defence strategies have as objective fulfilling the readers expectations. Abstract: Miliarde de persoane au acces la mediul online prin intermediul căruia se efectuează transferuri financiare sau de date cu caracter personal. Granițele criminalității informatice sunt deosebit de elastice. Domeniile critice sunt în atenția infractorilor. Balanța de profit și pierderi poate fi serios dezechilibrată în condițiile ignorării recomandărilor organismelor internaționale și a lipsei investițiilor. Sistemele defensive pot să devină victime la rândul lor, ca urmare a unui management defectuos. Fenomenul poate fi combătut numai printr-o abordare matură, profesională și plină de responsabilitate. Articolul încearcă să scoată în evidență rolul infrastructurii IT în lumina evoluției tehnologice și câteva dintre efectele ce se pot înregistra. Metodele de protecție propuse își doresc să răspundă așteptărilor cititorilor.
The inventiveness of the offenders is often corroborated with the support of the "investors" which sometimes leads to discovery of fraud after they had been committed. Preventive measures adopted by financial banking and investment institutions come to complete the procedural fluxes governing the implementation of security measures. Fraud management, however, is an objective difficult to achieve because, for whatever solution is adopted, the criminal market hurries to bring about anti-solutions. It is a conflict of attrition that has no beginning and no end can be predictable. We believe that we will witness a mix of classical methods based on traditional technologies and methods that are being built on the concept of "living cell".
Mircea Constantin Scheau
added 3 research items
For 2018, one of the big challenges is the construction of security systems based on AI. However, it should take time and considerable resources to verify the effect of technologies involving machine learning and driving patterns. We can say that these structures are, conceptually, a computerized replica of their developers. While the trend is interesting, it does not provide any real guarantee as long as the same steps can be performed by criminals. The two armies faced in the virtual environment are in a continuous arms race, as faithful copies of their creators. Even if efforts seem to be hampered by the dynamics of the criminal spectrum, they are necessary precisely because of their mobility. Malware and ransomware attacks have targeted disparate and seemingly unrelated targets, globally. Condensing huge amounts of data at certain points or in mega-cloud spaces offers management advantages, but it can also be the premise of future offensive, not at all desirable. The confrontation engages the brightest minds on the planet, from both camps [5].
Bazată pe o documentare și cercetare remarcabilă, pe analiza actuală și de perspectivă a criminalității din domeniul de referință, autorul reușește să ofere printr-o abordare multidisciplinară adevărata dimensiune a acesteia și propune soluții de combatere a fenomenului infracțional privind activitățile economico-nanciare. Elementele de natură teoretică și practică bene ciază de suport juridic și împreună alcătuiesc o lucrare valoroasă, cu o ținută științi că deosebită. Volumul se a rmă ca un act de creație inovator, cu aspecte de originali-tate evidente, prin prezentarea rezultatelor obținute răspunzând interesului publicului, în general, și specialiștilor în materie, în particular. Prof. univ. dr. Dan Victor Cavaropol Titlul lucrării Criminalitatea informatică privind transferurile nanciare surprinde foarte bine legătura dintre cele două domenii la care se face referire. Evoluția pierderilor înregistrate și modul de calcul al acestora, ridică seri-oase semne de întrebare referitoare la deciziile ce ar trebui adoptate și la implementarea măsurilor aferente. Autorul face apel la exemple concrete, componenta juridică oferind posi-bilitatea de analiză în context național și european. Impactul fenomenului infracțional asupra structurilor nanciar-bancare și de asigurări este resimțit la toate nivelurile și accelerarea vitezei de producere a agresiunilor constituie unul dintre semnalele de alarmă foarte puternice. Unghiurile din care sunt surprinse fațetele economice oferă o imagine de perspectivă asupra vulnerabilităților ce se doresc a tratate și metodelor cibernetice de penetrare. Recomandările din Ghidul de bune practici încearcă să atingă însă toate laturile de interes. Considerăm că cititorii vor aprecia la adevărata valoare informațiile pre-zentate și calitatea acestora. Subiectul este deosebit de bine articulat, fără bariere de jurisdicție internațională, noutățile purtând amprenta clară a confruntării continue dintre organizațiile plasate de o parte și de alta a baricadelor. Prof. univ. dr. Gheorghe Ruxanda Bucureşti : Editura Economică, ISBN 978-973-709-871-9 Craiova : Editura Sitech, ISBN 978-606-11-6645-9
An article part of ”CONSIDERATIONS ON CHALLENGES AND FUTURE DIRECTIONS IN CYBERSECURITY” - A project by the Romanian Association for Information Security Assurance (RAISA) with the support of the Romanian National Computer Security Incident Response Team (CERT-RO) and the National Cyberint Center (romania2019.eu)
Mircea Constantin Scheau
added 16 research items
Without claiming to state an infallible truth, we believe that, whatever their nature, conflicts present to a greater or lesser extent an economic side. Maintaining an outbreak or identify the levers for stability immediately refer to resources. We can talk about local incidents, regional or global, we can take into account small-scale conflicts, armed attacks or wars between nations and we discover that behind them are often economic interests. Based on the rational motivation principle of irrational acts, mechanisms, can be triggered that can produce effects difficult to calculate on the long term. Prevention and fighting are two concepts that can take effect only under the conditions of a realistic legislation. It discussed a lot lately about globalization under construction and about it's effects but, a good collaboration between the institutions of the European Union state members can deliver positive effects. Financial transfers interfere with the moving chain of resources and can, if they are carefully monitored, break joined rings. A criminal organization cannot survive and is not recognized as true unless it succeeds in building the mechanism which is based on a set of legal structures that serve to hide criminal activities and capitalize the reinvested profits thus building their credibility. In a negative sense, the crime economy as a by-product of the global economy mixes in all its structures with the legal economy within which it reproduces itself assisting even to a symbiosis of both. What is most of times behind financial engineering? It is a question that involves limited answers only by the imagination of the operators. Rezumat: Fără a avea pretenţia enunţării unui adevăr infailibil, putem considera că, indiferent de natura lor, conflictele prezintă într-o măsură mai mare sau mai mică o latură economică. Întreţinerea unui focar sau identificarea unor pârghii de stabilitate fac trimitere imediată la resurse. Putem discuta despre incidente locale, regionale sau globale, putem să luăm în calcul conflicte de mică anvergură, atacuri armate între naţiuni sau chiar războaie mondiale şi vom descoperi că în spatele acestora se află de multe ori interese economice. Bazate pe principiul motivaţiei raţionale a actelor iraţionale, se pot declanşa mecanisme ce pot produce efecte greu de calculat pe termen lung. Prevenţia şi combaterea sunt două concepte care pot să producă efecte doar în condiţiile unei legislaţii realiste. S-a discutat destul de mult în ultima perioadă despre globalizare în construcţie şi despre efectele acesteia dar, o bună colaborare între instituţiile statelor componente ale Uniunii Europene poate să livreze efecte pozitive.
The entire transaction chain from swiping a card to a bank's ability to process a transaction has now become the main focus of cybercriminals. In order to infiltrate or gain access to this type of data exchange, they have developed new attack vectors for delivering malicious payloads, aimed at compromising one of the parties engaged in a transaction. Since the weakest link in the security chain is often human component, cybercriminals often exploit human curiosity or lack of knowledge, as to infiltrate, steal, and manipulate online transactions.
The impact of Money Laundering and Financing Terrorism is analyzed in the context of Management and Protection of National and International Critical Infrastructures. Global ways of approaching the phenomenon, reporting to common measures and their particularization according to the social#economical realities of each community. The positioning of the financial# banking institutions to adopt immediate and long term measures. Methods and Flows to prevent and counteract followed by a practical example. Este analizat impactul Spălării Banilor 8i al FinanŃării Terorismului în contextul Managementului 8i ProtecŃiei Infrastructurilor Critice NaŃionale 8i InternaŃionale. ModalităŃile globale de abordare a fenomentului, raportarea la măsurile comune 8i particularizarea acestora în funcŃie de realităŃile socio#economice ale fiecărei comunităŃi. PoziŃionarea instituŃiilor financiar#bancare în adoptarea măsurilor imediate 8i pe termen lung. Metode 8i Fluxuri de prevenire 8i contracarare urmate de un exemplu concret. Cuvinte cheie: bani; terorism; metode; reglementări.