Assessment of the Risk of a Cybersecurity Breach in a Commercial Bank (by the Example of an Attacks “Brute Force” and “Black Box” on ATMS)

Abstract

Abstract. During the XX–XXI century there was a development of technologies, which resulted in the creation of a global financial system that allows you to quickly make money transactions in opposite points of the Earth. The progress of digital transformation of society and, in particular, financial and economic systems leads to the complication of the problems of information security of competing entities. By focusing on scientific research, we can achieve success in these areas. The purpose of the study: to increase the level of security of banking services for individuals and legal entities in accordance with the recommendations of information security standards by analyzing the risk of information security violations in electronic banking technologies (on the example of the “Brute force” and “Black box” attacks). Research methods: empirical methods of scientific knowledge (observation, measurement, experiment), theoretical methods (analysis, synthesis, induction, deduction, abstraction, formalization), graphical interpretation of information, probability theory methods and computer programming. The result of the study: standards for effective management of information security management at the enterprise are considered. The advantage of social engineering methods over the “Brute force” method of PIN codes is shown quantitatively. The time characteristics of its commission and protective measures against attacks of the “Black box” type are analyzed. A method for improving the effectiveness of the response and protection of ATMS from attacks of the “Black box” type is proposed.