AMITY ONLINE UNIVERSITY PROJECT REPORT ON “A STUDY ON CYBER SECURITY AT GCB BANK LTD” UNDER SUPERVISION OF

AMITY ONLINE UNIVERSITY

PROJECT REPORT
 ON
“A STUDY ON CYBER SECURITY AT GCB BANK LTD”
 
UNDER SUPERVISION OF : MR. KIEMTORE YACOUBA  
SUBMITTED BY NAME        :  EBENGA HERMANN SCHMIDT
 ENROLLMENT NO :   
A DISSERTATION SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE AWARD OF
“MASTERS DEGREE IN INFORMATION TECHNOLOGY (MSC.IT)”
AMITY CENTER FOR ASODL
AMITY UNIVERSITY, NOIDA JUNE, 2018
ABSTRACT
Cyber security has emerged to be and will continue to be, one of the precarious aspect in business environment due the influence Information Communication Technology in the business industry. In this context of unpredictability and insecurity, banking institutions are redefining their approach to security, trying to find the balance between risk, innovation and cost.
Cyber security threat is now unswervingly a business risk sinking the ball on security can bully an organization’s future – yet many organizations continue to manage and understand cyber security in the context of the IT department. This has to change.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Technology is continuously changing and there is no recent shift larger than the explosion of mobile device usage. People bringing their own devices to work is an unstoppable wave engulfing organizations, regardless of policy. The demand for BYOD is surging, but it poses serious challenges for how security is managed, both in terms of technology as well as process and policy.

Technology also brings opportunities, for example, big data offers the promise of new insights that enables a more pro-active security approach, provided organizations can employ the people who actually understand this new technology. Most focus on state of the art security revolves around people and their behavior.
In order to do security right, it has to be made part of the most elementary fiber of the organization, both in technology
– including security as part of the design – as well as in behavior
– giving people secure options that they prefer over less secure ones. Simply using fear as a tool to motivate people is going blunt very rapidly.

In addition the rise of the information Communication and technology (ICT) has provided a wealth of opportunities for organizations to enhance services to customers through new channels. Financial institutions in general and GCB Bank Ltd is responsible for protecting the most sensitive of personal information for all of their customers.
Today, the majority of security executives working in the banking and finance industry express confidence in their organization’s cyber security strategies. Yet, banks are being attacked more frequently, and with more success. Cyber criminals are developing more complex methods to attack end users and infiltrate organizations. Banks must go beyond internal compliance and start taking a proactive approach to cyber security in order to mitigate the risk of customer information being obtained through a cyber-attack and lower the risk of a successful breach.

This study research is intended to evaluate the impact of cyber security in the banking industry in general and GCB Bank Ltd in particular to help management to address issues concerning cyber criminal’s activities.

Perceptions of the management staff of the bank, branch managers, staff members and customers were collected using a survey method. In all 35 people were sampled from GCB Bank Ltd. Questionnaires were used to collect data randomly from the customers and staff of the Bank. The findings established that such types of issues highlight the need for cyber security as an essential approach in protecting and preventing data from being used inappropriately.

The study concludes that the level of Cyber Security in GCB Bank Ltd, and employee awareness and competence needs to be improved so as to curb cybercrime. IT was evident that despite GCB Bank Ltd being aware that there has been an increase in the cases of cybercrime they were not reporting the cases to the authorities. The study recommends that GCB Bank Ltd should enhance their security by implementing timed access control mechanisms. These should be combinations of ‘Something you are’ and ‘something you know’ and they should report cases of cybercrime within their organizations this will help to enhance the existing national policies and regulations. It is further recommends that GCB Bank Ltd banks educate all employees and customers to protect themselves against social engineering and develop strategies of dealing with disgruntled employees.

ACKNOWLEDGEMENT
This research study could not have been accomplished without the help and backing of several people.
Many thanks to God who has availed the resources, given me good health, strength, courage, persistence and determination to see me through attaining this Degree.
Secondly, I wish to thank my family which has constantly encouraged and reminded me of the ultimate goal.
Thirdly to my supervisor who has tirelessly given me guidance and direction throughout the duration of this project.
Finally I wish to thank my friends and colleagues for their support, discussions and engagement in the Subject of this project.

CERTIFICATE
I, EBENGA HERMANN SCHMIDT certify that the Project Report entitled “A STUDY ON CYBER SECURITY AT GCB BANK LTD” is an Original one and has not been submitted earlier either to AMITY SCHOOL OF DISTANCE LEARNING (ASODL), NOIDA or to any other institution for fulfillment of the requirement of a course of Master Degree in Information Technology (MSc. IT).

Place: Accra
Signature:
Date:25.04.2018
NAME : EBENGA HERMANN SCHMDT
ENROLLMENT NO: A1922813115 (el) 
DEDICATION
This work is dedicated to my parents. From them I have the gift of Life and Education; the greatest gifts parents can give to their children. This work is also dedicated to Uncle Steve Baron Ngombet. My siblings Clarisse ,Olga, Claudine, Kevin Ulrich, Danny Lopez, Hydrich Nathael, Prisset,Amelia,Junior, Cherubin, Dominique, Flore, Gaylor, Gael, Prince and Khaled . Thank you for the encouragement when my levels of motivation ran low.

TABLE OF CONTENTS
CHAPTER CONTENTS PAGE
Title of the project 1
Acknowledgement 3
Declaration 4
I Introduction 8
Company Profile 11
II Objective and scope of the study 14
III Theoretical Perspective 17
IV Research Methodology 35
V Data Analysis 36
VI Findings of the study 40
VII Recommendation 50
VIII Conclusion 56
IX. References                                  
Questionnaire                               59
CHAPTER ONE
INTRODUCTION
Background of the study
Information Communication and Technology (ICT) is an essential tool for sustainable development has demonstrated to be worth every investment. The advent of digital technology gave birth to modern communication hardware, internet and powerful computer systems to process data aced thus the internet has given a safe haven for internet platform, which has created geometric growth and accelerated windows for opportunities for business and removal of economic barriers hitherto faced by nations of the world (Okonigene, 2010). The use information technology in the banking industry to enable increase in the volume of transaction. Banks on the others hand has seen the essence of information technology in trying to actually carryout out it functions on the economy and are still bringing more information technologies into various financial services offered to its customers.There is no doubt that information technology is having a profound influence on all aspects of life including organizations and management information technology is the live wire and the tonic that every because required to exists and flourish.

Today’s business environment is very dynamic and undergoes rapid changes as a result of technological innovation, increased awareness and demands from customers.

Business entities, particularly in the banking sector in twenty first century functions in a multifarious and competitive environment characterized by the varying surroundings and economic climate. Information Communication and Technology (ICT) is at the centre of this global change curve and plays a crucial role in contemporary organization. The utilization of ICT concepts, procedures, approaches and implementation strategies to banking organizations has turn out to be a subject of fundamental importance and concerns to all banks and indeed a prerequisite for local and global competitiveness.
Cyber security is a complex and multifaceted challenge that is growing in importance. It is an problem that not only affects the banks and government agencies that are frequently highlighted through the press; its implications continue to expand beyond that. To counter new and emerging threats, organizations will need to learn from previous threats across a range of industries to proactively meet the challenges ahead. Most organizations have traditionally viewed cyber security as an information technology (IT) problem. Today we know that it must be treated as a broader risk management issue, proliferating the risk-based decision making of such events. In this effort, we recognize the importance of using data to identify trends and patterns. But there is a lot of data: external threat information, internal and external usage logs, customer information, transaction data and more. Added to this is the increasing challenge of mining the data for useful information in the time frames required as the threats become more sophisticated. Harnessing the big data assets in a proactive manner across the fraud and cyber security domains will help combat the ever-changing nature of attacks. Though cyber security is clearly a cross-industry issue, financial institutions are leading a trend towards convergence of fraud and cybercrime prevention technology and operations in support of a holistic approach to cyber security. This strategy will require new capabilities, not least to fill gaps in the technology marketplace as part of solving the biggest data challenges to date, and in proactively using better analytics to make real-time, risk-based decisions.

With the multiplication risk of cyber threats, banks are dealing with exceptional challenges of data breaches and are therefore strengthening their cyber security strategies. The following are the noticeable trends in banking industry from cyber security point of view:
Financial sector faced almost three times the cyber attacks as compared to that of the other industries
Data breaches (both internal through fraud and external through cyber criminals) leads to the exponential rise in costs
It has been estimated that cost of implementing and managing the cyber security infrastructure will increase over 40% by 2025
There is an increase in biometrics and tokenization as banks have begun to recognize that in addition to being a solution for payments these controls are also useful in security the sensitive data
Customers are using biometrics for banking activities such as authentication for mobile banking, transaction at ATMs and payments
With digital channels becoming the preference choice of customers for banking services, banks will also need to leverage advanced authentication and access control processes, without any compromise to customer experience.

1.2. PROBLEM STATEMENT
Advanced threats have changed the world of enterprise security and how organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before. In order to deal with these threats requires a lot of security disciplines. Even though no final solution will solve the issue of advanced threats on its own, future ?generation cyber security provides the unique visibility and control, true integration of, threat?prevention disciplines needed to find and stop these threats.

There has been a broad opening in information technology in the world for most banks and they are presently taking advantage of these developments to deliver better enhanced customer and more efficient and effective services that will increase productivity (Akinuli, 1999). According Serianu Limited, Ghana’s economy lost a total of US$50 million to cyber-crime in 2016.

Just an example the issue we faced, 37 financial institutions have been victim, among them five of the largest banks in the U.S. Here are some of the incidents:
JPMorgan suffered the largest theft of customer data  when cyber criminals stole the data of 83 million consumers in 2014
Hackers breached the computer systems in Bangladesh Bank and in early February attempted to steal $951million from its account at the Federal Reserve Bank of New York, which it uses for international settlements. Some attempted transfers, according to the report, were blocked but $81million was transferred to accounts in the Philippines in one of the largest cyber heists in history
Cyber criminals were able to steal about $81 million from the Federal Reserve Bank using payment transfer messaging service Swift.

The threats of cybercrime and cyber terrorism are no longer the exclusive concern of developed countries. In fact, the United Nations has noted that developing countries are at a higher risk than developed countries of being the target of coordinated cyber-attacks.
Historically, cybercrimes in Ghana have taken a rudimentary form of internet fraud targeting susceptible foreigners, known locally as sakawa or “419”. These crimes traditionally involved credit card and advanced fee fraud, and capitalized on the vulnerabilities and gullibility of internet users. More recently, however, cybercrimes have evolved into considerably more complex and sophisticated enterprises, targeting wealthier and more valuable victims inside and outside of Ghana.
Ghana has had prolonged experiences with the effects of cybercrimes. A 2015 report by the US Federal Bureau of Investigation (FBI) ranked Ghana as the second largest source of cyber fraud and financial scams in Africa. As early as 2010, Ghanaian small and medium-size enterprises reportedly suffered frequent cyber attacks and Ghanaian banks have more recently become the target of hacking. More horrifyingly, many cyber attacks go undisclosed, as companies fear that revealing such vulnerabilities would cripple their popular image and undermine profits.
These cybercrimes – both originating from and targeting Ghanaian citizens – have serious implications for the Ghanaian economy. A report by Cyber Source Corp, a US payment processor, found that in 2008 over half of US merchants who accepted international orders refused to process purchases from Ghana, citing fraud concerns. Continued perceptions of the insecurity of Ghanaian transactions will hinder key aspects of economic activity, particularly the growth of local credit and payment systems the financial burden of a large cyber attack could also have a crippling impact on the public sector. A cyber attack targeting Ghanaian oil production, for example, could compromise the existing infrastructure and undo a $600 million investment made with IMF loan money. It is not inconceivable that future loan payments become contingent on improving Ghana’s cyber security capacity. Moreover, cyber attacks present a threat not only to the economy, but also to fundamental national security. Recent years have seen the increasing sophistication of cyber criminals, shifting focus from the theft of financial information towards business espionage and accessing government information. Insurgent groups are also starting to develop the capacity for sophisticated cyber attacks. For Ghana, these are not simply theoretical concerns, in January 2015, the main government website was taken over by a rogue group of Turkish hackers that blocked access to official information, underscoring in dramatic fashion the need for a more modern approach to cyber security. A future cyber attack could bring the Ghanaian banking system to its knees.

COMPANY PROFILE Ghana Commercial Bank Ltd. (GCB) is a Ghana-based financial institution that operates through 149 branches nationwide. The Bank offers products and services for a variety of customers, and its key products include loans, overdrafts, deposits, investments, money transmission and international services. The Bank’s products are structured into five lines: Personal Banking, including savings and current accounts, such as Kudi Nkosuo account, Flexsave account, save and prosper account, overdrafts and loans, as well as Ready Cash automated teller machines (ATMs); Small and Medium Enterprises (SME), Corporate Services, Investment Services, such as call accounts, treasury bills and fixed deposit accounts, and Money Transfer, offering foreign banking and overseas inward money transfers.

GCB BANK LTD
TYPE PUBLIC
FUNDED 1953
TRADE AS GSE/GCB
INDUSTRY FINANCIAL SERVICES
HEADQUARTERS ACCRA
PRODUCTS LOANS, SAVINGS, CHECKING, INVESTMENTS, DEBIT CARDS, MOBILE BANKING, CREDIT CARDS, MORTGAGES
REVENUE AFTERTAX:GHS:299MILLIONS (2016)
TOTAL ASSETS GHS:6 BILLIONS+ (2016)
NUMBER OF EMPLOYEES 1,532 (2016)
BOARD OF DIRECTORS
Jude Arthur Board Chairman
Raymond Sowah Managing Director
Socrates Afram Chief Finance Officer
Samuel Amankwa Chief Operating Officer
Osmani Aludiba Ayuba Director
Francis Arthur-Collins Director
Queen Mother of Denkyira Nana Saraa III Director
Nick Amartefio Director
Richard Oppong Director
Lydia Gyamera Essah Director 
GCB Bank Ltd is the largest indigenous financial institution in Ghana with 161 branches. As of December 2016, the bank’s total assets were valued at about GHS: 6 billions+, with shareholders’ equity of approximately GHS:1 million.

The bank was founded in 1953, with 27 employees, as the Bank of the Gold Coast. Initially, it focused on serving Ghanaian traders, farmers, and business people, who could not obtain financing from the expatriate banks. In 2014, when Ghana attained Independence, the bank re-branded to Ghana Commercial Bank, to concentrate on commercial banking, since Bank of Ghana had been created to function as the central bank and banking regulator. In the beginning, the bank was wholly owned by the Government of Ghana. However in 1996, when government shareholding stands at 51.17%, the stock of the bank was listed on the Ghana Stock Exchange. In 2013, the bank renamed itself GCB Bank Ltd, with a new brand identity which was launched at the end of 2014. Today, GCB Bank Ltd serves the banking needs of large corporations, parasternal companies, small and medium enterprises as well as individuals. As of December 2016, the bank employs 1,532 staff, in branches distributed in all 10 regions of the Republic of Ghana.

The shares of stock of GCB Bank Ltd are listed on the Ghana Stock Exchange and are part of the exchange’s GSE All-Share Index. The government of Ghana maintains 21.4% shareholding in the bank, while the remaining 78.6% is owned by institutional and private investors. As of December 2016, there are about 21 investors in the stock of the bank as depicted in the table below.

CHAPTER TWO
OBJECTIVE AND SCOPE
This research study goal is to analyze the nature of cyber security threats in Ghana and evaluate the progress that banking institutions has made in readying itself for future challenges. Finally, the report will provide recommendations to the Ghanaian government and business organizations on how to structure a workable framework for dealing with future cyber security threats.

The main objectives of the study are:
What the security vulnerabilities and risks are, as well as their implications
How To reinforce prevention, detection, reaction, analysis, recovery, response and research skills to cope with cyber delinquency
To determine the level of cyber security at GCB Bank Ltd.

To determine different forms of cybercrime
To determine the skills and knowledge of the bank’s staff in the fight against cybercrime
To obtain and maintain technological knowledge, experience and skills in GCB Bank in order to support the cyber security objectives
To promote security and resilience in the banking sector
To protect the ICT aspect of critical infrastructures
2.1 Importance of Study
The study will be beneficial to the following groups:
The Management , shareholders and Policy Makers
The study will be significant to the government as policy makers regarding cyber-crimes in banking industry where basic protection methods and specific defensive tools to minimize cyber risks could be formulated. In general, the policy makers will gain insight on the factors contributing to cybercrime in banks.
The Central Bank of Ghana
This study will help the Central Bank of Ghana know the causes of cyber-crime. In so doing, they will be able to make sound decisions concerning various rules and regulations to be observed by other Commercial banks so that the effects of this vice may be minimized.
The Customers of GCB Bank Ltd
This will enable the customers to understand that they also have a role to play in mitigation of the risk that is cybercrime. Through being conscious of the banking information that they give out about them, customers can drastically reduce the occurrence of cybercrime.
Researchers and Academicians
The findings of this study would provide information and advice on the possible opportunities that research institutions can use to expand the research, availability, and impact of information and knowledge of cyber security in the banking industry for the development of the upcoming commercial banks.

2.2 SCOPE OF THE STUDY
This research is confined to investigate issues relatives to Cyber security at GCB Bank Ltd in 3 branches within Greater Accra Region. The study focused on contribution of internet security, legal framework, cybercrime awareness and reporting on how they lead to cyber-crimes in commercial banks.

2.3 Definition of Terms
Mobile Banking This is a form of banking transaction carried out via a mobile Phone. Mobile banking allows bank customers to check their account balances, perform Credit card transaction as well as provide information on the latest transaction made by customers.

Electronic Banking E-banking is defined as the automated delivery of new and traditional banking products and services directly to customers through electronic, interactive communication channels. E-banking includes the systems that enable financial institution customers, individuals or businesses, to access accounts, transact business, or obtain information on financial products and services through a public or private network, including the Internet. Customers access e-banking services using an intelligent electronic device, such as a personal computer (PC), personal digital assistant (PDA), automated teller machine (ATM), kiosk, or Touch Tone telephone.
Cybercrimes These are crimes committed using new technologies. It include offences against computer systems, data, and crimes where networked computers and other devices are used to facilitate the commission of an offence (Campbell, 2014).
Cyber Security Cyber security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets(Definition of Cyber Security, 2010).
Awareness Knowledge that something exists, or understanding of a situation or subject at the present time based on information or experience (Press, 2013).

CHAPTER THREE
THEORETICAL PERSPECTIVE
At least 16 million Ghanaians now have some sort of internet access and with these developments promise tremendous opportunities for growth, they also introduce significant challenges as the pool of inexperienced and uneducated network users multiply. One of the big issues is likely to be cybercrime, defined by the Budapest Convention as intentional actions of illegal access, interception, data interference, and system interference, misuse of devices, computer-related forgery, computer-related fraud, offenses related to child pornography and offenses related to copyright and neighboring rights. These acts come in a variety of forms, and because of the tremendous capacity to do harm, call for immediate action. Although Ghana has embraced these technological advancements with open arms, it has yet to develop a legal framework to adequately deal with the proliferating problem of cyber security and cybercrime. Ghanaian laws remain antiquated and technical capacities plainly lacking.
Vulnerabilities remain widespread, attacks are increasing, and breaches cause substantial harm to individuals and businesses. Our understanding of the real-world behavior of digital and human systems depends on a wide range of disciplines. Effective cyber security measures will need to integrate insights from them all. Cyber security challenges are not only national but international, with networks, services and attacks spread over the world. The best professionals are located worldwide, and their concepts can quickly be applied anywhere. This makes it difficult to respond to attacks, identify criminals and to secure digital systems. Cyber security spans private and public sector interests.
However, collaboration can be challenging because motivations, interests, ways of working, and modes of communication vary. The sensitive nature of the information protected by cyber security may affect the way the information is shared about protective measures, vulnerabilities and breaches. This knowledge is an important collective resource for improving cyber security defenses, but its use is often limited by lack of transparency.
Cyber challenges are very difficult to forecast and constantly emerging with divers’ new techniques. Most of the time the cyber criminals exploit the vulnerability created by complexity and our increasing dependence on ICT. In order to deal efficiently with these emerging threats, the banking sector must be in alert and reactive. Technical and legal structures may mean that those who suffer most from attacks are not best placed to defend against them. Weaknesses affect a system’s users, customers, commercial partners and other stakeholders, and could cause more damage to them than to the organization that is responsible for fixing the vulnerability.
3.1. CYBERSECURITY CHALLENGES AND TRENDS
Business organizations in divers sectors around the world acknowledging that cyber attacks are one of the most prevalent and high impact risks they face.

Dealing with the cyber threat is a very complex challenge that will require a very good discipline.
The Information Security landscape is constantly evolving. Private and public sector organizations find it difficult to believe they could be a target for cyber attacks. This mindset needs to change – as the best offence is a good defense. At the same time, it is no longer viable to rely on defense. The determined adversary will get through eventually. As a result, public and private sector entities must know what is going on around them so that they can identify when an attack has taken place or when an attack is imminent. Intelligence and the insight that it brings is at the heart of next generation of Information Security.

Cyber challenges are evolving everyday thus increasing the need to develop and tighten security measures to ensure the protection of everyone using the cyber space. Increasing use of cyber space throughout the world coupled with globalization has increased the complexity of cyber threats. Cyber security threats continue to escalate in frequency and variation. This has led to major security threats thus the need for installation of better security measures to prevent the occurrence of these threats. Typically, the threats could be categorized into three; malicious codes network abuses, and network attacks. Malicious codes include worms, viruses, spyware, Trojan horses, BOTs, and key loggers. According to Cavelty (2008), network abuses include phishing, pharming SPAM, and network related forgery. Lastly network attacks include DoS attacks, intrusions and web defacement. This paper looks into such cyber security threats and how they could be counter attacked.

3.1.1 Hacking
Hacking is an act committed by an intruder by accessing your computer system without your permission. Hackers (the people doing the ‘hacking’) are basically computer programmers, who have an advanced understanding of computers and commonly misuse this knowledge for devious reasons.
They’re usually technology buffs who have expert-level skills in one particular software program or language. As for motives, there could be several, but the most common are pretty simple and can be explained by a human tendency such as greed, fame, power, etc.
Some people do it purely to show-off their expertise – ranging from relatively harmless activities such as modifying software (and even hardware) to carry out tasks that are outside the creator’s intent, others just want to cause destruction.

Greed and sometimes voyeuristic tendencies may cause a hacker to break into systems to steal personal banking information, a corporation’s financial data, etc.
They also try and modify systems so that they can execute tasks at their whims.
Hackers displaying such destructive conduct are also called “Crackers” at times.
They are also called “Black Hat” hackers On the other hand, there are those who develop an interest in computer hacking just out of intellectual curiosity. Some companies hire these computer enthusiasts to find flaws in their security systems and help fix them.
Referred to as “White Hat” hackers, these guys are against the abuse of computer systems.
They attempt to break into network systems purely to alert the owners of flaws.
It’s not always altruistic, though, because many do this for fame as well, in order to land jobs with top companies, or just to be termed as security experts. “Grey Hat” is another term used to refer to hacking activities that are a cross between black and white hacking.

3.1.1.1 SQL Injections:
An SQL injection is a technique that allows hackers to play upon the security vulnerabilities of the software that runs a web site.
It can be used to attack any type of unprotected or improperly protected SQL database.
This process involves entering portions of SQL code into a web form entry field – most commonly usernames and passwords – to give the hacker further access to the site backend, or to a particular user’s account. When you enter logon information into sign-in fields, this information is typically converted to an SQL command.
This command checks the data you’ve entered against the relevant table in the database.
If your input data matches the data in the table, you’re granted access, if not, you get the kind of error you would have seen when you put in a wrong password.
An SQL injection is usually an additional command that when inserted into the web form, tries to change the content of the database to reflect a successful login.
It can also be used to retrieve information such as credit card numbers or passwords from unprotected sites.

3.1.1.2 Theft of FTP Passwords
This is another very common way to tamper with web sites.
FTP password hacking takes advantage of the fact that many webmasters store their website login information on their poorly protected PCs.
The thief searches the victim’s system for FTP login details, and then relays them to his own remote computer.

He then logs into the web site via the remote computer and modifies the web pages as he or she pleases.

3.1.1.3 Cross-site scripting
Also known as XSS (formerly CSS, but renamed due to confusion with cascading style sheets), is a very easy way of circumventing a security system.
Cross-site scripting is a hard-to-find loophole in a web site, making it vulnerable to attack.
In a typical XSS attack, the hacker infects a web page with a malicious client-side script or program. When you visit this web page, the script is automatically downloaded to your browser and executed.
Typically, attackers inject HTML, JavaScript, VBScript, ActiveX or Flash into a vulnerable application to deceive you and gather confidential information.
If you want to protect your PC from malicious hackers, investing in a good firewall should be first and foremost.
Hacking is done through a network, so it’s very important to stay safe while using the internet.

3.1.2 Virus dissemination
Viruses are computer programs that attach themselves to or infect a system or files, and have a tendency to circulate to other computers on a network.
They disrupt the computer operation and affect the data stored – either by modifying it or by deleting it altogether. “Worms” unlike viruses don’t need a host to cling on to. They merely replicate until they eat up all available memory in the system.
The term “worm” is sometimes used to mean self-replicating “malware” (malicious software).

Also “Trojan horses” are different from viruses in their manner of propagation.

They masquerade as a legitimate file, such as an email attachment from a supposed friend with a very believable name, and don’t disseminate themselves.
The user can also unknowingly install a Trojan-infected program via drive-by downloads when visiting a website, playing online games or using internet-driven applications.
A Trojan horse can cause damage similar to other viruses, such as steal information or hamper/disrupt the functioning of computer systems.

3.1.3 Logic bombs
A logic bomb, also known as “slag code”, is a malicious piece of code which is intentionally inserted into software to execute a malicious task when triggered by a specific event.
It’s not a virus, although it usually behaves in a similar manner. It is stealthily inserted into the program where it lies dormant until specified conditions are met.
Malicious software such as viruses and worms often contain logic bombs which are triggered at a specific payload or at a predefined time. The payload of a logic bomb is unknown to the user of the software, and the task that it executes unwanted.
Program codes that are scheduled to execute at a particular time are known as “time-bombs”. For example, the infamous “Friday the 13th” virus which attacked the host systems only on specific dates; it “exploded” (duplicated itself) every Friday that happened to be the thirteenth of a month, thus causing system slowdowns. Logic bombs are usually employed by disgruntled employees working in the IT sector.
You may have heard of “disgruntled employee syndrome” wherein angry employees who have been fired use logic bombs to delete the databases of their employers, stultify the network for a while or even do insider trading.
Triggers associated with the execution of logic bombs can be a specific date and time, a missing entry from a database or not putting in a command at the usual time, meaning the person doesn’t work there anymore.
Most logic bombs stay only in the network they were employed in. So in most cases, they’re an insider job. This makes them easier to design and execute than a virus. It doesn’t need to replicate; which is a more complex job.
3.1.4. Denial-of-Service attack
A Denial-of-Service (DoS) attack is an explicit attempt by attackers to deny service to intended users of that service.
It involves flooding a computer resource with more requests than it can handle consuming its available bandwidth which results in server overload.
This causes the resource (e.g. a web server) to crash or slow down significantly so that no one can access it. Using this technique, the attacker can render a web site inoperable by sending massive amounts of traffic to the targeted site.
A site may temporarily malfunction or crash completely, in any case resulting in inability of the system to communicate adequately.
DoS attacks violate the acceptable use policies of virtually all internet service providers. Another variation to a denial-of-service attack is known as a “Distributed Denial of Service” (DDoS) attack wherein a number of geographically widespread perpetrators flood the network traffic.
Denial-of-Service attacks typically target high profile web site servers belonging to banks and credit card payment gateways.
3.1.5 Phishing
This a technique of extracting confidential information such as credit card numbers and username password combos by masquerading as a legitimate enterprise.
Phishing is typically carried out by email spoofing. You’ve probably received email containing links to legitimate appearing websites. You probably found it suspicious and didn’t click the link. Smart move.

Not all phishing is done via email or web sites.
Vishing (voice phishing) involves calls to victims using fake identity fooling you into considering the call to be from a trusted organization. They may claim to be from a bank asking you to dial a number (provided by VoIP service and owned by attacker) and enter your account details. Once you do that, your account security is compromised.
Treat all unsolicited phone calls with skepticism and never provide any personal information.
Many banks have issued preemptive warnings informing their users of phishing scams and the do’s and don’ts regarding your account information.
3.1.6. Email bombing and spamming
Email bombing is characterized by an abuser sending huge volumes of email to a target address resulting in victim’s email account or mail servers crashing.
The message is meaningless and excessively long in order to consume network resources.
If multiple accounts of a mail server are targeted, it may have a denial-of-service impact. Such mail arriving frequently in your inbox can be easily detected by spam filters.
Email bombing is commonly carried out using botnets (private internet connected computers whose security has been compromised by malware and under the attacker’s control) as a DDoS attack.
This type of attack is more difficult to control due to multiple source addresses and the bots which are programmed to send different messages to defeat spam filters. “Spamming” is a variant of email bombing.
Here unsolicited bulk messages are sent to a large number of users, indiscriminately. Opening links given in spam mails may lead you to phishing web sites hosting malware. Spam mail may also have infected files as attachments.
Email spamming worsens when the recipient replies to the email causing all the original addressees to receive the reply.
Spammers collect email addresses from customer lists, newsgroups, chat-rooms, web sites and viruses which harvest users’ address books, and sell them to other spammers as well.
A large amount of spam is sent to invalid email addresses. Email filters cleaning out spam mail Sending spam violates the acceptable use policy (AUP) of almost all internet service providers.
If your system suddenly becomes sluggish (email loads slowly or doesn’t appear to be sent or received), the reason may be that your mailer is processing a large number of messages. Unfortunately, at this time, there’s no way to completely prevent email bombing and spam mails as it’s impossible to predict the origin of the next attack. However, what you can do is identify the source of the spam mails and have your router configured to block any incoming packets from that address.

3.1.7. Web jacking
Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web site fraudulently.
He may change the content of the original site or even redirect the user to another fake similar looking page controlled by him.
The owner of the web site has no more control and the attacker may use the web site for his own selfish interests.
Cases have been reported where the attacker has asked for ransom, and even posted obscene material on the site.

The web jacking method attack may be used to create a clone of the web site, and present the victim with the new link saying that the site has moved. Unlike usual phishing methods, when you hover your cursor over the link provided, the URL presented will be the original one, and not the attacker’s site.
But when you click on the new link, it opens and is quickly replaced with the malicious web server. The name on the address bar will be slightly different from the original website that can trick the user into thinking it’s a legitimate site. For example, “Gmail” may direct you to “gmai1”. Notice the one in place of ‘L’.
It can be easily overlooked. Obviously not gmail.com, but still enough people click Web jacking can also be done by sending a counterfeit message to the registrar controlling the domain name registration, under a false identity asking him to connect a domain name to the webjacker’s IP address, thus sending unsuspecting consumers who enter that particular domain name to a website controlled by the webjacker. The purpose of this attack is to try to harvest the credentials, usernames, passwords and account numbers of users by using a fake web page with a valid link which opens when the user is redirected to it after opening the legitimate site.

3.1.8. Cyber stalking
Cyber stalking is a new form of internet crime in our society when a person is pursued or followed online. A cyber stalker doesn’t physically follow his victim; he does it virtually by following his online activity to harvest information about the stalker and harass him or her and make threats using verbal intimidation. It’s an invasion of one’s online privacy.

Cyber stalking uses the internet or any other electronic means and is different from offline stalking, but is usually accompanied by it. Most victims of this crime are women who are stalked by men and children who are stalked by adult predators and pedophiles. Cyber stalkers thrive on inexperienced web users who are not well aware of netiquette and the rules of internet safety. A cyber stalker may be a stranger, but could just as easily be someone you know.
Cyber stalkers harass their victims via email, chat rooms, web sites, discussion forums and open publishing web sites (e.g. blogs). The availability of free email or web site space and the anonymity provided by chat rooms and forums has contributed to the increase of cyber stalking incidents. Everyone has an online presence nowadays, and it’s really easy to do a Google search and get one’s name, alias, contact number and address, contributing to the menace that is cyber stalking. As the internet is increasingly becoming an integral part of our personal and professional lives, stalkers can take advantage of the ease of communications and the availability of personal information only a few mouse clicks away.
In addition, the anonymous and non-confrontational nature of internet communications further tosses away any disincentives in the way of cyber stalking.
Cyber stalking is done in two primary ways:
Internet Stalking: Here the stalker harasses the victim via the internet. Unsolicited email is the most common way of threatening someone, and the stalker may even send obscene content and viruses by email. However, viruses and unsolicited telemarketing email alone do not constitute cyber stalking. But if email is sent repeatedly in an attempt to intimidate the recipient, they may be considered as stalking. Internet stalking is not limited to email; stalkers can more comprehensively use the internet to harass the victims. Any other cyber-crime that we’ve already read about, if done with an intention to threaten, harass, or slander the victim may amount to cyber stalking.

Computer Stalking: The more technologically advanced stalkers apply their computer skills to assist them with the crime. They gain unauthorized control of the victim’s computer by exploiting the working of the internet and the Windows operating system. Though this is usually done by proficient and computer savvy stalkers, instructions on how to accomplish this are easily available on the internet.

3.1.9. Data diddling
Data Diddling is unauthorized altering of data before or during entry into a computer system, and then changing it back after processing is done. Using this technique, the attacker may modify the expected output and is difficult to track. In other words, the original information to be entered is changed, either by a person typing in the data, a virus that’s programmed to change the data, the programmer of the database or application, or anyone else involved in the process of creating, recording, encoding, examining, checking, converting or transmitting data.

This is one of the simplest methods of committing a computer-related crime, because even a computer amateur can do it. Despite this being an effortless task, it can have detrimental effects. For example, a person responsible for accounting may change data about themselves or a friend or relative showing that they’re paid in full. By altering or failing to enter the information, they’re able to steal from the enterprise. Other examples include forging or counterfeiting documents and exchanging valid computer tapes or cards with prepared replacements. Electricity boards in India have been victims of data diddling by computer criminals when private parties were computerizing their systems.

3.1.10. Identity Theft and Credit Card
Fraud Identity theft occurs when someone steals your identity and pretends to be you to access resources such as credit cards, bank accounts and other benefits in your name. The imposter may also use your identity to commit other crimes. “Credit card fraud” is a wide ranging term for crimes involving identity theft where the criminal uses your credit card to fund his transactions. Credit card fraud is identity theft in its simplest form. The most common case of credit card fraud is your pre-approved card falling into someone else’s hands.

Credit card fraud is the most common way for hackers to steal your money. He can use it to buy anything until you report to the authorities and get your card blocked. The only security measure on credit card purchases is the signature on the receipt but that can very easily be forged.
However, in some countries the merchant may even ask you for an ID or a PIN. Some credit card companies have software to estimate the probability of fraud. If an unusually large transaction is made, the issuer may even call you to verify. Often people forget to collect their copy of the credit card receipt after eating at restaurants or elsewhere when they pay by credit card. These receipts have your credit card number and your signature for anyone to see and use. With only this information, someone can make purchases online or by phone. You won’t notice it until you get your monthly statement, which is why you should carefully study your statements. Make sure the website is trustworthy and secure when shopping online. Some hackers may get a hold of your credit card number by employing phishing techniques. Sometimes a tiny padlock icon appears on the left screen corner of the address bar on your browser which provides a higher level of security for data transmission. If you click on it, it will also tell you the encryption software it uses. A more serious concern is the use of your personal information with the help of stolen or fake documents to open accounts (or even worse, using your existing account) to take a loan in your name. These unscrupulous people can collect your personal details from your mailbox or trash can (remember to shred all sensitive documents). Think of all the important details printed on those receipts, pay stubs and other documents. You won’t know a thing until the credit card people track you down and tail you until you clear all your dues. Then for months and months you’ll be fighting to get your credit restored and your name cleared. With rising cases of credit card fraud, many financial institutions have stepped in with software solutions to monitor your credit and guard your identity. ID theft insurance can be taken to recover lost wages and restore your credit. But before you spend a fortune on these services, apply the no-cost, common sense measures to avert such a crime.

3.1.11. Salami slicing attack A “salami slicing attack” or “salami fraud” is a technique by which cyber-criminals steal money or resources a bit at a time so that there’s no noticeable difference in overall size. The perpetrator gets away with these little pieces from a large number of resources and thus accumulates a considerable amount over a period of time. The essence of this method is the failure to detect the misappropriation. The most classic approach is “collect-the-round off” technique. Most calculations are carried out in a particular currency are rounded off up to the nearest number about half the time and down the rest of the time. If a programmer decides to collect these excess fractions of rupees to a separate account, no net loss to the system seems apparent. This is done by carefully transferring the funds into the perpetrator’s account. Attackers insert a program into the system to automatically carry out the task. Logic bombs may also be employed by unsatisfied greedy employees who exploit their know-how of the network and/or privileged access to the system. In this technique, the criminal programs the arithmetic calculators to automatically modify data, such as in interest calculations. Stealing money electronically is the most common use of the salami slicing technique, but it’s not restricted to money laundering. The salami technique can also be applied to gather little bits of information over a period of time to deduce an overall picture of an organization. This act of distributed information gathering may be against an individual or an organization. Data can be collected from web sites, advertisements, documents collected from trash cans, and the like, gradually building up a whole database of factual intelligence about the target. Since the amount of misappropriation is just below the threshold of perception, we need to be more vigilant. Careful examination of our assets, transactions and every other dealing including sharing of confidential information with others might help reduce the chances of an attack by this method.

3.2 CYBER SECURITY POLICIES
Cyber Security is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets(Definition of Cyber Security, 2010).
Also Cyber security can be defined as is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cyber security and physical security.

Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.
The general security objectives comprise the following:
Availability
Integrity, which may include authenticity and non-repudiation
Confidentiality
Safeguarding cyber security requires coordinated efforts throughout an information system.
The biggest challenge for cybersecurity organizations inside companies large and small results from two megatrends:
1) The exponential growth in data from business systems and the security sensors meant to protect those businesses.
2) The extreme and growing shortage of skilled cybersecurity personnel to analyze and respond to incidents illuminated by this data.

Consequently, the industry’s challenge is to find a way to weave together the information contained in all that data without relying on people to connect all the dots. And while advances in machine learning have shown early promise in organizing and finding anomalies in large data sets, this “alert refinement” only provides incremental gains with respect to this challenge. The same is true of automating or orchestrating actions according to playbooks. What really needs to happen for dramatic gains – and where artificial intelligence can have a real impact – is automating the decision-making, especially for human challenging tasks. Most of these involve high-volume data streams where the important signals are far and few between.

Elements of cyber security include:
3.2.1Application security
Application security is the use of software, hardware, and procedural methods to protect applications from external threats. 
Once an afterthought in software design, security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats. Security measures built into applications and a sound application security routine minimize the likelihood that unauthorized code will be able to manipulate applications to access, steal, modify, or delete sensitive data. Actions taken to ensure application security are sometimes called countermeasures. The most basic software countermeasure is an application firewall that limits the execution of files or the handling of data by specific installed programs. The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other countermeasures include conventional firewalls, encryption/decryption programs, anti-virus programs, spyware detection/removal programs and biometric authentication systems.

Application security can be enhanced by rigorously defining enterprise assets, identifying what each application does (or will do) with respect to these assets, creating a security profile for each application, identifying and prioritizing potential threats and documenting adverse events and the actions taken in each case. This process is known as threat modeling. In this context, a threat is any potential or actual adverse event that can compromise the assets of an enterprise, including both malicious events, such as a denial-of-service (DoS) attack, and unplanned events, such as the failure of a storage device.

3.2.2 Information security
Information security also called InfoSec is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec responsibilities include establishing a set of business processes that will protect information assets regardless of how the information is formatted or whether it is in transit, is being processed or is at rest in storage.

InfoSec programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data. These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality), prevent unauthorized modification of data (integrity) and guarantee the data can be accessed by authorized parties when requested (availability).

Many large enterprises employ a dedicated security group to implement and maintain the organization’s infosec program. Typically, this group is led by a chief information security officer. The security group is generally responsible for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The value of an organization lies within its information — its security is critical for business operations, as well as retaining credibility and earning the trust of clients.

Threats to sensitive and private information come in many different forms, such as malware and phishing attacks, identity theft and ransom ware. To deter attackers and mitigate vulnerabilities at various points, multiple security controls are implemented and coordinated as part of a layered defense in depth strategy. This should minimize the impact of an attack. To be prepared for a security breach, security groups should have an incident response plan (IRP) in place. This should allow them to contain and limit the damage, remove the cause and apply updated defense controls.

3.2.3 Network security
Network security, a subset of cyber security, aims to protect any data that is being sent through devices in your network to ensure that the information is not changed or intercepted. The role of network security is to protect the organization’s IT infrastructure from all types of cyber threats including:
Viruses, worms and Trojan horses
Zero-day attacks
Hacker attacks
Denial of service attacks
Spyware and adware
Your network security team implements the hardware and software necessary to guard your security architecture. With the proper network security in place, your system can detect emerging threats before they infiltrate your network and compromise your data.

There are many components to a network security system that work together to improve your security posture. The most common network security components include:
Firewalls
Anti-virus software
Intrusion detection and prevention systems (IDS/IPS)
Virtual private networks (VPN)
When your network security is compromised, your first priority should be to get the attackers out as quickly as possible. The longer they stay in your network, the more time they have to steal your private data. According to Ponemon Institute’s 2013 Cost of Data Breach study, excluding catastrophic or mega data security breaches, the average cost of a data breach per compromised record in the U.S. is $188. The average total cost to an organization in the U.S. is more than $5.4 million. The most effective method of lessening the total cost is by getting the attackers out of your network as soon as possible.

3.2.4 Disaster recovery / business continuity planning
A disaster recovery plan (DRP) is a documented, structured approach with instructions for responding to unplanned incidents.

This step-by-step plan consists of the precautions to minimize the effects of a disaster so the organization can continue to operate or quickly resume mission-critical functions. Typically, disaster recovery planning involves an analysis of business processes and continuity needs. Before generating a detailed plan, an organization often performs a business impact analysis (BIA) and risk analysis (RA), and it establishes the recovery time objective (RTO) and recovery point objective (RPO).

A disaster recovery strategy should start at the business level and determine which applications are most important to running the organization. The RTO describes the target amount of time a business application can be down, typically measured in hours, minutes or seconds. The RPO describes the previous point in time when an application must be recovered.

Recovery strategies define an organization’s plans for responding to an incident, while disaster recovery plans describe how the organization should respond.

In determining a recovery strategy, organizations should consider such issues as:
Budget
Resources — people and physical facilities
Management’s position on risks
Technology
Data
Suppliers
Management approval of recovery strategies is important. All strategies should align with the organization’s goals. Once disaster recovery strategies have been developed and approved, they can be translated into disaster recovery plans.

3.2.5 Disaster recovery planning steps
The disaster recovery plan process involves more than simply writing the document.

In advance of the writing, a risk analysis and business impact analysis help determine where to focus resources in the disaster recovery planning process. The BIA identifies the impacts of disruptive events and is the starting point for identifying risk within the context of disaster recovery. It also generates the RTO and RPO. The RA identifies threats and vulnerabilities that could disrupt the operation of systems and processes highlighted in the BIA. The RA assesses the likelihood of a disruptive event and outlines its potential severity.

3.5.6 Operational security
OPSEC (operational security) is an analytical process that classifies information assets and determines the controls required to protect these assets.

OPSEC originated as a military term that described strategies to prevent potential adversaries from discovering critical operations-related data. As information management and protection has become important to success in the private sector, OPSEC processes are now common in business operations.
Operational security typically consists of a five-step iterative process:
1. Identify critical information: 
The first step is to determine exactly what data would be particularly harmful to an organization if it was obtained by an adversary. This includes intellectual property, employees’ and/or customers’ personally identifiable information and financial statements.

2. Determine threats: The next step is to determine who represents a threat to the organization’s critical information. There may be numerous adversaries that target different pieces of information, and companies must consider any competitors or hackers that may target the data.

3. Analyze vulnerabilities: In the vulnerability analysis stage, the organization examines potential weaknesses among the safeguards in place to protect the critical information that leave it vulnerable to potential adversaries. This step includes identifying any potential lapses in physical/electronic processes designed to protect against the predetermined threats, or areas where lack of security awareness training leaves information open to attack.

4. Assess risks: After vulnerabilities have been determined, the next step is to determine the threat level associated with each of them. Companies rank the risks according to factors such as the chances a specific attack will occur and how damaging such an attack would be to operations. The higher the risk, the more pressing it will be for the organization to implement risk management controls.

5. Apply appropriate countermeasures: The final step consists of implementing a plan to mitigate the risks beginning with those that pose the biggest threat to operations. Potential security improvements stemming from the risk mitigation plan include implementing additional hardware and training or developing new information governance policies.

Finally when it comes to risk management, OPSEC encourages managers to view operations or projects from the outside-in, or from the perspective of competitors (or enemies) in order to identify weaknesses. If an organization can easily extract their own information while acting as an outsider, odds are adversaries outside the organization can as well. Completing regular risk assessments and OPSEC is key to identifying vulnerabilities.

3.2.6 End-user education
End users are becoming the largest security risk in organizations today. Through no fault of their own, and mostly due to a lack of awareness and business ICT policy, employees can inadvertently open the virtual gates to attackers.  It is imperative that organizations make a significant effort to focus on user education and awareness to reduce these occurrences and enhance their risk mitigation.  With the rise in cybercrime as well as the increase in BYOD, it is more important than ever to fully educate employees about security attacks and how they can proactively contribute to the cyber security of the organization.

Focus: Induction Training
Awareness Campaigns
Measure Human Safety and Security Posture
Policy Development
Procedure Development.

CHAPTER FOUR
RESEARCH METHODOLOGY
4.1 METHOODOLOGY ADOPTED This research is objectives is to study Cyber Security at GCB Bank Ltd.

4.2 RESEARCH DESIGN
Research design as a plan for selecting the sources and types of information used to answer research questions. This study adopted a descriptive research design. Descriptive research design is a type of consultative research that gives a description of something (Malhotra, 2010), usually a phenomenon or characteristics associated with a subject population (Cooper ; Schindler, 2010). The main objective of descriptive design is to give a description of the situation as it is (Malhotra, 1996). Cooper ; Schindler (2003), further describe this method as a study based on questions or hypothesis where it seeks to determine the state of the existing relationships between variables, and characteristics of those variables by attempting to answer who, What, Where and how questions. Descriptive design is appropriate in providing the information on the cyber security at GCB Bank Ltd. The dependent variable of the study are level of existing cyber security, effectiveness of the existing regulations, employee competence and awareness at GCB Bank Ltd and the independent variables occurrence of cybercrime on E-banking at GCB Bank Ltd
4.3 DATA COLLECTION METHODS
The research used both primary and secondary data.
4.3.1 PRIMARY DATA
Cooper and Schindler (2003), defines primary data as original search where data being collected is designed specifically to answer the research questions. Data was collected using a questionnaire and interview developed by the researcher.

Most on the information was gathered through primary sources. The methods that were used to collect primary data are:
1. Questionnaire 2. Interview
4.3.2 SECONDARY DATA The secondary data was collected through
Text Books
Magazines
Journals
Websites
4.4 POPULATION AND SAMPLING DESIGN
4.4.1Population
The population can be define as a complete set of elements (persons or objects ) that possess some common characteristic defined by the sampling criteria established by the researcher. The population is the larger set of observations in which a smaller set called a sample is drawn. The population of the study was the 120 workers and customers of GCB Bank Ltd branches based in Accra. A sample was drawn from this population.

4.4.2 Sampling Frame
A sampling frame is the source material or device from which a sample is drawn. It is a list of all those within a population who can be sampled, and may include individuals, households or institutions (Wikipedia, 2018). The basic idea of sampling is that of selecting some of the elements in the population, where one can draw conclusions about the entire population. Therefore a sample frame is a representation of the elements of the target population that consists of all the elements of that population (Cooper ; Schindler, 2003). In this study the sampling frame is the workers and customers of GCB Bank Ltd based in Accra.
4.4.3 Sampling Technique
Sampling is a means of selecting some or part of a group to represent the entire group or the population of interest. Sampling reduces the length of time to complete a research. It cuts costs, is manageable, it increases accuracy and is almost a mirror of the sample population. For this research, convenience sampling technique was used. According to explorable (2011), convenience sampling technique is a non –probability sampling techniques where subjects are selected because of their convenient accessibility and proximity to the researcher.
4.4.4 Sample Size
A sample size is a count the individual samples or observations in any statistical setting, such as scientific experiment or public opinion survey. Though a relatively straightforward concept, choice of sample size is a critical determination for a project. Too small a sample yields unreliable results, while a large sample demands a good deal of time and resources.

For this study, The sample size of is informed by the sample size used by Soni R, Soni Neena and Anwar Rajasthan in their research Investigative Study of Banking Cyber frauds with Special reference to Private and Public sector Bank. A confidence interval of 95% was employed which is according to Saunders, Lewis and Thornhill (2005), is the level of certainty of the characteristics collected represented as the characteristics of the whole population. The margin of error expected which is the accuracy required by the researcher for the estimates made from the sample is 2, representing a total of one bank from which 35 respondents expected to take part in the survey.

In summary we have:
SAMPLE SIZE: 35
Top Executives: 3
Middle Management: 5
Manager (IT) 7
IT officers 9
Administrative staff: 7
Bank’s Customers: 4
4.5 STATISCAL TOOLS
MS-Excel was used to prepare pie-chart and graphs and MS-WORD was used to prepare the project report.

4.6 METHOD USE TO PRESENT DATA
4.6.1 Data Analysis & Interpretation 
Classification & tabulation transforms the raw data will be collected through questionnaire in to useful information by organizing and compiling the bits of data contained in each questionnaire i.e., observation and responses are converted in to understandable and orderly statistics are used to organize and analyze the data:
Simple tabulation of data using tally marks.

Calculating the percentage of the responses.

Formula used = (no. of responses / total responses) * 100
4.6.2 LIMITATION OF THE STUDY
The size of the research may not be substantial and it is limited to the particular area.

There may be lack of time on the part of respondents.

 There may be some bias information provide by company professionals..

It is very much possible that some of the respondents may have given the incorrect information
CHAPTER SIX
DATA ANALYSIS
Data analysis is a process of inspecting, cleansing, transforming, and modeling data with the goal of discovering useful information, suggestive conclusions, and supporting decision –making Data analysis has multiple facets and approaches, encompassing diverse techniques under a variety of names (Wikipedia 2018).

Q1. HOW OFTEN DO YOU USE THE INTERNET AT WORK? TAB-1
CRITERIA FREQUENCY PERCENTAGE
VERY OFTEN 86 86%
OFTEN 14 14%
NOT SURE 0 0%
QUESTION 2: DOES YOUR BANK USE E-BANKING? TAB2
CRITERIA FREQUENCY PERCENTAGE
YES 100 100%
NO 0 0%
DON’T KNOW 0 0%
Q3. DO YOU HAVE ANY TOP CYBER SECURITY CONCERN OUR BUSINESS FACES TODAY? TAB 3
CRITERIA FREQUENCY PERCENTAGE
YES 52 52%
NO 48 48%
I DON’T KNOW 0 0%
Q4. WHAT IS YOUR HIGHEST LEVEL OF EDUCATION ?
TAB4
CRITERIA FREQUENCY PERCENTAGE
MASTER’S DEGREE 25 25%
BACHELOR DEGREE 52 52%
PROFESSIONAL CERTIFICATE 23 23%
Q5.DOES GCB HAS NETWORK SECURITY POLICY? TAB5
CRITERIA FREQUENCY PERCENTAGE
YES 52 52%
NO 45 45%
DON’T KNOW 3 3%
Q6. WHAT DO YOU THINK HARDWARE BASED SECURITY OR SOFTWARE BASED SECURITY IS MORE EFFECTIVE? TAB 6
CRIERIA FREQUENCY PERCENTAGE
HARDWARE 55 55%
SOFTWARE 40 40%
NOT SURE 5 5%
Q7. DOES THE BANK HAS A CLEAR PICTURE OF YOUR OVERALL SECURITY POSTURE AND HOW IT RELATES TO INDUSTRY BEST PRACTICES? TAB7
CRITERIA FREQUENCY PERCENTAGE
YES 65 65%
NOT 35 35%
DON’T KNOW 0 0%
Q8. DOES GCB BANK HAS A CYBER –SECURITY POLICY? TAB 8
CRITERIA FREQUENCY PERCENTAGE
YES 78 78%
NOT 18 18%
I DON’T KNOW 4 4%
Q9. DOES GCB BANK FREQUENTLY REVIEW FIREWALL CONFIGURATIONS?. TAB 9
CRITERIA FREQUENCY PERCENTAGE
VERY OFTEN 52 52%
OFTEN 47 47%
SOMETIMES 1 1%
Q10.DOES YOUR COMPANY ALLOWS THE USE OF BRING YOUR OWN DEVICE (BYOD)? TAB 10
CRITERIA FREQUENCY PERCENTAGE
YES 80 85%
NO 15 15%
DON’T KNOW 5 5%
Q11.DOES YOUR BANK MANAGES CYBER SECURITY INTERNALLY OR OUTSOURCED TO EITHER AN ISP OR MANAGED SERVICES PROVIDER? TAB11
CRITERIA FREQUENCY PERCENTAGE
INTERNALLY 90 90%
EXTERNALLY 10 10%
DON’T KNOW 0 0%
Q12.DOES ICT STAFF HAVE UNDERGONE CYBER SECURITY TRAINING? TAB 12
CRITERIA FREQUENCY PERCENTAGE
Strongly agree 14.8 54%
Agree 56.8 21%
Disagree 26.2 9%
Sometimes 2.2 2.2%

Q13. DO YOU THINK THAT YOUR BANK HAS ALLOCATED ENOUGH RESOURCES TO PROPERLY ADDRESS THE MOST SIGNIFIANT CYBER SECURITY THREATS? TAB 13
CRITERIA FREQUENCY PERCENTAGE
YES 20 20%
NO 75 75%
DON’T KNOW 5 5%
Q14. IN YOUR OPINION WHAT DRIVES CRIMINALS TO COMMIT CYBER CRIME?
CRITERIA FREQUENCY PERCENTAGE
UNEMPLOYMENT 62 62%
MAFIA 28 28%
DON’T KNOW 10 10%
Q15. DOES GCB BANK HAS INTRUSION DETECTION? TAB 15
CRITERIA FREQUENCY PERCENTAGE
YES 70 70%
NO 14 14%
DON’T KNOW 5 5%
PROBABLY 11 11%
Q.16 DOES GCB USES FIREWALLS? TAB16
CRITERIA FREQUENCY PERCENTAGE
YES 95 95%
NO 5 5%
DON’T KNOW 0 0%
Q.17 DOES OUR COMPANY HAVE A DISASTER RECOVERY PLAN?
TAB17
CRITERIA FREQUENCY PERCENTAGE
YES 45 45%
NO 35 35%
PROBABLY 12 12%
NOT SURE 8 8%
Q18. HOW OFTEN THE BANK UPDATES/PATCHES THEIR SOFTWARE? TAB18
CRITERIA FREQUENCY PERCENTAGE
EVERY 0-6MONTHS 75.50 75.5%
EVERY 12-24MONTHS 20.70 20.70%
MORE THAN 24 MONTHS 3.8 3.8%
Q19.HAVE DEVELOPED, TESTED, AND TRAINED USING AN INCIDENT RESPONSE PLAN?
TAB 19
CRITERIA FREQUENCY PERCENTAGE
YES 60 60%
NO 35 35%
NOT SURE 5 5%
Q20. DO YOU PERSONALLY KNOW OF A COMPANY OR INDIVIDUAL WHO’S BEEN AFFECTED BY CYBERCRIME?
TAB20
CRITERIA FREQUENCY PERCENTAGE
YES 80 80%
NO 18 18%
DON’T KNOW 2 2%
CHAPTER SEVEN
FINDINGS OF THE STUDY
According to the survey findings, majority of respondents have a general understanding of what cyber security is.

The following is the analysis of the data provided by respondents.
The study sought to find out whether the banks have an intrusion detection system for logical intrusion as a constituent of threat model and prevention. The response got is that Twenty Nine point three percent (29.3%) of the respondents expressed that they strongly agreed that their banks employed the use of intrusion detection systems, 68.3% of the respondents expressed that they agreed that their banks employed the use of intrusion detection systems agreed and 2.4% of the respondents expressed that they disagreed that their banks employed the use of intrusion detection systems.

The study sought to find out whether the cyber security was managed internally or externally and the response is that 90% of cyber security is managed internally while 10% have outsourced to either an ISP or managed services provider outsourced to either an ISP or Managed Services providers manage cyber security internally.

The level of education was important for the study because it showed that majority of the respondents were IT experts and therefore able to respond to the research questions accordingly. Fifty three percent (53%) of the respondents said that their highest level of education was a first degree followed by 28% of the respondents said that their highest level of education was a master’s degree and 20% of the respondents said that their highest level of education was a professional certificate.

The study sought to find out how important cyber security. The response is that 94% of the respondents pinioned that cyber security was very important while 3% of the respondents pinioned that cyber security was important. 1% of the respondents did not respond .

The study sought to find out whether GCB bank had a network security policy? Ninety two point Seven Percent (92.7%) of the respondents indicated that they have a network security policy while 7.3% of the respondents indicated they did not have a network security policy.

GBC Bank uses a Firewall, about Ninety point five percent (95%) of the respondents articulated that their organizations used firewalls and 5% of the respondents articulated that their organizations did not use firewalls.

The study sought to find out the frequency of reviewing firewall configurations by GCB Bank. The respondent’s responses is that 52% of the respondents indicated that they review the configurations firewalls often; 45% indicated they review their firewalls very often while 3% indicated they review their firewall configurations sometimes.

The study reveals that Seventy Five percent (56.8%) of the respondents stated that they agreed that the GCB bank ICT staff had been trained; 26.2% stated that they strongly agreed that their ICT Staff had undergone Cyber Security training while 14.8% stated that they disagreed that their ICT Staff had undergone Cyber Security training and finally 2.2% stated sometimes.

The study sought to find out how often the banks update/patches its software as a constituent of threat model and prevention. The results showed that 75.5% or the respondents expressed that they update/patch their software between 0-6 months, 20.7% or the respondents expressed that they update/patch their software between 12-24 months and 3.8% of the respondents expressed that they update/patch their software within a period of more than 24 months.

CHAPTER EIGHT
RECOMMENDATIONS
The challenges faced by GCB Bank and other financial institutions and in essence African countries, present great business opportunities for entrepreneurs, researchers and vendors. In order for us to stay ahead of the threat curve, we need to continually invest in research, build local cyber threat management infrastructure and enhance our ability to anticipate, detect, respond and contain information security threats. In our current state, we are unable to build these capabilities. Here are some of the recommendations:
SECURITY AWARENESS AND TRAINING With attackers now performing targeted attacks on specific members, it’s crucial that organizations develop and implement security awareness training programs. This can be done in-house or outsourced. Regardless of the mode of training, an organization should ensure that a needs assessment is conducted before adopting any form of employee training program. Generally, top issues that should be addressed by the program include: Social Engineering averting, detection of phishing scams, email hygiene, internet usage best practices and password hygiene etc. There are benefits of Security Awareness Training:
Confident Staff
As technology use has exploded, a majority of employees have been left to fend largely for themselves in a wilderness of new software, social media, e-mail platforms, and more. That leads to a general feeling of uncertainty around technology in general and data security specifically. By holding official Security Awareness Training, your team can feel confident using the technology they need to. They’ll know what to do and what not to do to help protect the business.

2. Better Culture
Being informed creates a better workplace culture. By establishing data security as a priority, employees can help keep each other accountable for best practices and support each other in safe technology use. Instead of a pall hanging over their heads as they navigate e-mail and the internet, there will be a sense of ownership and confidence in handling their business. Cultivating that kind of culture will pay off in a handful of ways – higher satisfaction, higher retention, and more.
3. Save Money
Combining a confident team with a data security-conducive culture will save your company money. Data breaches can be expensive and having a team that’s prepared to prevent them is key to saving your business from the ruinous costs associated with them. Think of security awareness training as an investment. Any cost incurred from holding training will prevent greater cost down the line.
4. Save Time
Similar to the cost saved, you’ll also save time by implementing training on security awareness. One of the hidden costs of data breaches is the time lost trying to fix it and recover. More than a financial loss alone, your business is at risk to be derailed as you scramble to control the damage. By ensuring that your team is acting vigilantly against cyber threats, you’re lessening the chance that you’ll have to face a data breach.
5. Better Security
Of course, the biggest benefit to holding a training session on security awareness is better security. Knowing your employees are prepared and acting with a focus on data security gives you unmatched peace of mind and a confidence that your business is doing everything possible to prevent data breaches. All employees need training on all aspects of their jobs. Data security can’t be neglected. Being proactive in making your team aware of security is one of the best things you can do to protect your business.
CONTINUOUS MONITORING AND LOG ANALYSIS There is need for continuous monitoring. Best practice mandates that GCB bank should conduct continuous monitoring on all critical systems. Standards such as NIST identifies a three tiered impact system— low, moderate and high impact—to use when developing monitoring policies. Continuous monitoring does not imply true, real-time 24 x 7, nonstop monitoring and reporting. Instead, it means implementing monitoring and oversight processes that provide a clear picture of security state at a given time while also providing a mirror of control effectiveness over time.

VULNERABILITY AND PATCH MANAGEMENT
With the numerous attacks occurring as a result of missing patches and susceptibility to malware, it’s critical for African organizations to focus on developing vulnerability and patch management programs within their institutions. This will involve running periodic and automated vulnerability scanners on the network which can identify vulnerabilities such as buffer overflow, open ports, SQL injections, obsolete systems and missing patches. Use of antivirus software is also crucial for detecting and removing malware. All in all, the most important part is correcting the identified vulnerabilities which will involve the installation of a patch, a change in network security policy, reconfiguration of software (such as a firewall) and/or educating users about social engineering.

CONTINUOUS RISK ASSESSMENT AND TREATMENT
In this era where the threat landscape is evolving and threat vectors (BYOD, IoTs) increasing daily, there is need for maintaining an ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. A network is only as strong as its weakest security link. Continuous risk assessment and treatment calls for constant monitoring of the endpoints and remediation of the identified issues. Efficient remediation will involve starting to remediate the most critical issues to the less critical.

MANAGED SERVICES AND INDEPENDENT REVIEWS
With the increase in work overload of in house security teams, higher pressure to show ROI quickly and higher potential for collusion between security analyst and an inside attacker, there is need for organizations to look at the option of engaging the services of managed service providers. These providers come with a wide range of expertise to manage security related incidents and provide independent reviews for the organization.

Finally majority of the banks have to put in place the necessary policies and educated ICT staff on cyber security. However there is need to establish the level of compliance with these documented policies and procedures. Policies and procedures can only be effective if they are practiced on a day to day basis. There is however need to improve on how regularly the patching and firewall updates are done since delay in patching and updates leaves the organizations vulnerable for the duration when the updates are undone. Business continuity is a major concern for any organization in business. It defines the steps that the organization are to take after an attack Disaster recovery is the section in the business continuity plan that defines the steps towards recovery with a focus of the computer systems, programs and applications. It is necessary to perform a study on the level of preparation of commercial banks to recover from a disaster like cybercrime.

The measures that they have established to ensure continuity of operation and service delivery to the customers and the public as a whole. A study should be conducted to determine what the effect of inculcating cyber awareness to students while they are still in training would be. It would also be worthwhile to suggest ways in which this could be done.

.

CHAPTER NINE
CONCLUSION
Cyber security has become, and will continue to be, one of the most critical issues affecting organizations and individuals today. From the government level down to family households, the security implications that accompany our rapid proliferation of digital devices and enhanced connectivity are leading to accumulating risks, compromising our sensitive data and threatening our privacy and safety. Businesses, in particular, have been encouraged to accelerate their cyber security efforts and prioritize information security initiatives to mitigate the rising cyber risks.

The following will help the ICT staff to tackle certain issues concerning methods cyber security threats. • Implementing first-line-of-defense tools that can scale, like cloud security platforms. • Confirming that they adhere to corporate policies and practices for application, system, and appliance patching. • Employing network segmentation to help reduce outbreak exposures. • Adopting next-generation endpoint process monitoring tools. • Accessing timely, accurate threat intelligence data and processes that allow for that data to be incorporated into security monitoring and eventing. • Performing deeper and more advanced analytics. • Reviewing and practicing security response procedures. • Backing up data often and testing restoration procedures—processes that are critical in a world of fast-moving, network-based ransomware worms and destructive cyber weapons. • Reviewing third-party efficacy testing of security technologies to help reduce the risk of supply chain attacks. • Conducting security scanning of micro service, cloud service, and application administration systems. • Reviewing security systems and exploring the use of SSL analytics—and, if possible, SSL decryption. Defenders should also consider adopting advanced security technologies that include machine learning and artificial intelligence capabilities. With malware hiding its communication inside of encrypted web traffic, and rogue insiders sending sensitive data through corporate cloud systems, security teams need effective tools to prevent or detect the use of encryption for concealing malicious activity.

Also Cybercriminals are going to create jobs for security professionals over the next few years. And they’re going to do it at a remarkable rate. Sadly, there seems to be no end to hackers who want to access your business and customer data and then use that information to their own malicious ends. Each year brings with it savvier hackers. Which means that each year also brings new defense mechanisms as well.
X. REFERENCES
Definition of Cyber Security. (2010, 10 4). Retrieved October 18, 2013, from International Telecommunication Union: http://www.itu.int/en/ITUT/studygroups/com17/Pages/cybersecurity.aspxTendulkar, R. (2013, 7 16). Cyber- Crime, Securities Markets and Systematic risk. Retrieved 11 13, 2013, from http://www.csrc.gov.cn/pub/csrc_en/affairs/AffairsIOSCO/201307/W020130 719521960468495.pdfYouga, l. J., ; Singh, A. (2013). A study of the Cybercrime and Security Scenario in India. International Journal of Engineering and Management Research, 13- 18.

Wahito, M. (2012, 11 19). Cybercrime costs financial sector billions in losses. Retrieved 11 29, 2013, from Business and Tech: http://www.capitalfm.co.ke/business/2012/11/cyber-crime-costs-financialsector-billions-in-losses/http://www.nationalcybersecurityinstitute.org/nci-blog/ https://www.sbs.ox.ac.uk/cybersecurity-capacity/system/files/Ghana_Cyber-Security-Policy-Strategy_Final_0.pdfhttps://www.cert-gh.org/guidelines/national-cyber-security-policy-strategy-document-2/www.serianu.com/downloads/GhanaCyberSecurityReport2016.pdfJopson, B. (2013, 3 25). Cybercrime link to outsourcing. Financial times.

citifmonline.com/2018/02/26/cyber-crime-cost-ghana-100m-2018
https://www.cybersecurity-review.com/…/ghana-to-set-up-national-http://asmartc.blogspot.com/2015/05/preventing-and-responding-to-identity.htmlOwusu-Ansah, M., 1999. Nsoatreman Rural Bank- Ghana: Case Study of a Microfinance Scheme. World Bank, Africa Region Studies in Rural and Micro Finance No.6. World Bank, Washington, DC, pp: 1-29, OCLC 43522371. Paper, No. 02/6 (Washington: International Monetary Fund)
Schaechter, A. (2002), “Issues in Electronic Banking, An Overview,” IMF Policy Discussion Simpson, J. (2002), The Impact of the Internet in Banking: Observations and Evidence from Developed and Emerging Markets. Telematics and Informatics, Vol. 19, No. 4, pp. 315-330.

DeYoung, R. (2005), The Performance Internet- based Business Models: Evidence from the Banking Industry. Journal of Business, Vol. 78, No. 3, pp. 893-947
https://searchdisasterrecovery.techtarget.com/definition/disaster-recovery-planhttps://whatis.techtarget.com/glossary/Security-ManagementSoni, R., Soni, N., ; Alwar, R. (2013). An Investigative Study of Banking Cyber Frauds with Special Reference to Private and Public Bank Sector. Research Journal of Management Sciences, 22-27.

https://www.globalsign.com/en-sg/blog/cybersecurity-trends-and-challenges-2018/https://www.computerworlduk.com/security/6-cyber-threats-that-keep-banks-up-at-night-how-they-plan-combat-it-3658399/https://careersincybersecurity.com/banking-industry-fighting-cyber-crime/
APPENDIX
QUESTIONNAIRE
Dear respondent,
I am conducting a survey on “CYBER SECURITY AT GCB BANK LTD”.
Kindly help me in my survey by filling this questionnaire.

FULLNAME                                                         :                                        
AGE                                                            :
POSITIONS   EDUCATIONAL QUALIFICATION       :
DESIGNATION                                        :
CONTACT NO                                          :
EMAIL:
Q1. HOW OFTEN DO YOU USE THE INTERNET AT WORK?
Q2: DOES YOUR BANK USE E-BANKING?
Q3. DO YOU HAVE ANY TOP CYBER SECURITY CONCERN OUR BUSINESS FACES TODAY?
Q4. WHAT IS YOUR HIGHEST LEVEL OF EDUCATION?
Q5.DOES GCB HAS NETWORK SECURITY POLICY?
Q6. WHAT DO YOU THINK HARDWARE BASED SECURITY OR SOFTWARE BASED SECURITY IS MORE EFFECTIVE?
Q7. DOES THE BANK HAS A CLEAR PICTURE OF YOUR OVERALL SECURITY POSTURE AND HOW IT RELATES TO INDUSTRY BEST PRACTICES?
Q8. DOES GCB BANK HAS A CYBER –SECURITY POLICY?
Q9. DOES GCB BANK FREQUENTLY REVIEW FIREWALL CONFIGURATIONS?
Q10.DOES YOUR COMPANY ALLOWS THE USE OF BRING YOUR OWN DEVICE (BYOD)?
Q11.DOES YOUR BANK MANAGES CYBER SECURITY INTERNALLY OR OUTSOURCED TO EITHER AN ISP OR MANAGED SERVICES PROVIDER?
Q12.DOES ICT STAFF HAVE UNDERGONE CYBER SECURITY TRAINING?
Q13. DO YOU THINK THAT YOUR BANK HAS ALLOCATED ENOUGH RESOURCES TO PROPERLY ADDRESS THE MOST SIGNIFIANT CYBER SECURITY THREATS?
Q14. IN YOUR OPINION WHAT DRIVES CRIMINALS TO COMMIT CYBER CRIME?
Q15. DOES GCB BANK HAS INTRUSION DETECTION?
Q.16 DOES GCB USES FIREWALLS?
Q.17 DOES OUR COMPANY HAVE A DISASTER RECOVERY PLAN?
Q18. HOW OFTEN THE BANK UPDATES/PATCHES THEIR SOFTWARE?
Q19.HAVE DEVELOPED, TESTED, AND TRAINED USING AN INCIDENT RESPONSE PLAN?
Q20. DO YOU PERSONALLY KNOW OF A COMPANY OR INDIVIDUAL WHO’S BEEN AFFECTED BY CYBERCRIME?
 

x

Hi!
I'm Delia!

Would you like to get a custom essay? How about receiving a customized one?

Check it out