FINANCIAL CYBERCRIME INVESTIGATIONS AND DIGITAL FORENSICS IN EU FINANCIAL SYSTEM
Abstract
The article is devoted to current issues of digital forensics in the financial sphere, considering the experience of the European Union. The authors summarized the results of scientific research on the portrait of a cybercriminal, classified their types, and provided a comparative description of the motives and features of crimes committed offline and online. The motives of cybercriminals, which distinguish them from traditional criminals, are curiosity and challenge. In addition, a significant factor in the commission of crimes in cyberspace is anonymity, which reduces the risk of being exposed and increases the determination of cybercriminals. Depending on the motivation for hacking computer systems, white hat, grey hat and black hat hackers are distinguished. In addition to these main types, there are many other varieties: red hat, blue hat hackers, script kiddies, hacktivists and others. The article examines the dynamics of cyber incidents occurring in the financial sphere and reveals a significant increase in them for the period of 2021-2024. The authors specified the content of the main stages of digital forensics in terms of the following components: preparatory stage; identification of cyber threats; incident response; collection and preservation of digital evidence; investigation and analysis of digital evidence; cyber incident reporting; recovery from a cyber incident. The article identifies the main difficulties in the investigation of cyber incidents in the field of financial services. These include: integrated management system of financial institutions; encryption and secure communication channels that are inaccessible to forensic investigators; difficulties in tracking the source of illegal actions; regulatory and jurisdictional barriers; a significant amount of financial transactions; problems with cloud computing and virtualized environments; internal threats (breach of confidentiality by employees or contractors); limited resources and experience; the rapidly evolving threat landscape (constant adaptation and new methods of cybercrime in the financial sector). To overcome obstacles in digital forensics in the financial sector, a combination of advanced forensic tools, specialized expertise and close cooperation between financial institutions, law enforcement and regulatory authorities is proposed.
References
Бабенко О.О., Мокляк А.С. Теоретичний аналіз дослідження психологічного портрета кіберзлочинця. Теорія і практика сучасної психології. 2018. № 2. С. 89–93.
Коваль О.Є. Психологічний портрет кіберзлочинця. Україна в умовах реформування правової системи: сучасні реалії та міжнародний досвід: матеріали ІІ Міжнародної науково-практичної конференції (м. Тернопіль, 21-22 квіт. 2017р.). С. 189–192.
Світличний В.А. Деякі концепції соціальної інженерії. Протидія кіберзлочинності та торгівлі людьми: збірник матеріалів міжнародної науково-практичної конференції (м. Вінниця, 31 трав. 2023 р.). Вінниця: ХНУВС, 2023. С. 161–164.
Noordegraaf J.E., Weulen Kranenbarg M. Why do young people start and continue with ethical hacking? A qualitative study on individual and social aspects in the lives of ethical hackers. Criminology & Public Policy. 2023. Vol. 22. P. 803–824. DOI: https://doi.org/10.1111/1745-9133.12650
Weulen Kranenbarg M., van Gelder J.-L., Barends A. J., de Vries R. E. Is there a cybercriminal personality? Comparing cyber offenders and offline offenders on HEXACO personality domains and their underlying facets. Computers in Human Behavior. 2023. Vol. 140. DOI: https://doi.org/10.1016/j.chb.2022.107576
Leukfeldt E., Lavorgna A., Kleemans E.R. Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime. European Journal on Criminal Policy and Research. 2017. Vol. 23. P. 287–300. DOI: https://doi.org/10.1007/s10610-016-9332-z
Richet J.-L. How cybercriminal communities grow and change: An investigation of ad-fraud communities. Technological Forecasting and Social Change. 2022. Vol. 174. DOI: https://doi.org/10.1016/j.techfore.2021.121282
Kerstens J., Jansen J. The Victim–Perpetrator Overlap in Financial Cybercrime: Evidence and Reflection on the Overlap of Youth’s On-Line Victimization and Perpetration. Deviant Behavior. 2016. Vol. 37(5). P. 585–600. DOI: https://doi.org/10.1080/01639625.2015.1060796
Inside the mind of a cybercriminal. BBVA Group. URL: https://www.bbva.com/en/innovation/inside-the-mind-of-a-cybercriminal/ (дата звернення: 12.08.2024).
Europol. Internet Organised Crime Threat Assessment (IOCTA) 2024. Publications Office of the European Union, Luxembourg, 2024. DOI: https://doi.org/10.2813/442713
EuRepoc Data. European Repository of Cyber Incidents. URL: https://eurepoc.eu/databases (дата звернення: 25.08.2024).
Dzomira S. Digital forensic technologies as e-fraud risk mitigation tools in the banking industry: Evidence from Zimbabwe. Risk Governance and Control: Financial Markets and Institutions. 2014. Vol. 4 (2-1). P. 116–124. DOI: https://doi.org/10.22495/rgcv4i2c1art4
Prasanthi B.V., Kanakam P., Hussain S.M. Cyber Forensic Science to Diagnose Digital Crimes- A study. International Journal of Computer Trends and Technology. 2017. Vol. 50(2). P. 107–113. DOI: https://doi.org/10.14445/22312803/ijctt-v50p119
Singh S., Kumar S. Qualitative Assessment of Digital Forensic Tools. Asian Journal of Electrical Sciences. 2020. Vol. 9(1). P. 25–32. DOI: https://doi.org/10.51983/ajes-2020.9.1.2372
Singh S., Singh V.K. Digital Forensic Investigation: Ontology, Methodology, and Technological Advancement. In Advancements in Cybercrime Investigation and Digital Forensics. Apple Academic Press, 2023. P. 137–160. DOI: https://doi.org/10.1201/9781003369479-7
Benjamine B. C., Subramaniam S. Enhancing the Financial Sector’s Cyber Security in the Digital Economy. Financial Stability Review. 2019. P. 44–46. URL: https://www.bnm.gov.my/documents/20124/6433062/fsr2019h1_en_box2.pdf (дата звернення: 25.08.2024).
Babenko O. O., Moklyak A. S. (2018) Teoretychnyy analiz doslidzhennya psykholohichnoho portreta kiberzlochyntsya [Theoretical analysis of the study of the psychological portrait of a cybercriminal]. Teoriya i praktyka suchasnoyi psykholohiyi, no. 2, pp. 89–93. (in Ukrainian)
Koval O. E. (April 21-22, 2017) Psykholohichnyy portret kiberzlochyntsya [Psychological portrait of a cybercriminal]. Ukrayina v umovakh reformuvannya pravovoyi systemy: suchasni realiyi ta mizhnarodnyy dosvid: materialy II Mizhnarodnoyi naukovo-praktychnoyi konferentsiyi. Ternopil. Pp. 189–192. (in Ukrainian)
Svitlychny V. A. (May 31, 2023) Deyaki kontseptsiyi sotsialnoyi inzheneriyi [Some concepts of social engineering]. Protydiya kiberzlochynnosti ta torhivli lyudmy: zbirnyk materialiv mizhnarodnoyi naukovo-praktychnoyi konferentsiyi. Vinnytsya: KHNUVS, pp. 161–164. (in Ukrainian)
Noordegraaf J. E., Weulen Kranenbarg M. (2023) Why do young people start and continue with ethical hacking? A qualitative study on individual and social aspects in the lives of ethical hackers. Criminology & Public Policy, no. 22, pp. 803–824. DOI: https://doi.org/10.1111/1745-9133.12650
Weulen Kranenbarg M., van Gelder J.-L., Barends A. J., de Vries R. E. (2023) Is there a cybercriminal personality? Comparing cyber offenders and offline offenders on HEXACO personality domains and their underlying facets. Computers in Human Behavior, no. 140. DOI: https://doi.org/10.1016/j.chb.2022.107576
Leukfeldt E., Lavorgna A., Kleemans E. R. (2017) Organised Cybercrime or Cybercrime that is Organised? An Assessment of the Conceptualisation of Financial Cybercrime as Organised Crime. European Journal on Criminal Policy and Research, no. 23, pp. 287–300. DOI: https://doi.org/10.1007/s10610-016-9332-z
Richet J.-L. (2022) How cybercriminal communities grow and change: An investigation of ad-fraud communities. Technological Forecasting and Social Change, vol. 174. DOI: https://doi.org/10.1016/j.techfore.2021.121282
Kerstens J., Jansen J. (2016) The Victim–Perpetrator Overlap in Financial Cybercrime: Evidence and Reflection on the Overlap of Youth’s On-Line Victimization and Perpetration. Deviant Behavior, vol. 37(5), pp. 585–600. DOI: https://doi.org/10.1080/01639625.2015.1060796
Inside the mind of a cybercriminal. BBVA Group. Available at: https://www.bbva.com/en/innovation/inside-the-mind-of-a-cybercriminal/
Europol (2024) Internet Organised Crime Threat Assessment (IOCTA) 2024. Publications Office of the European Union, Luxembourg. DOI: https://doi.org/10.2813/442713
EuRepoc Data. European Repository of Cyber Incidents. Available at: https://eurepoc.eu/databases
Dzomira S. (2014) Digital forensic technologies as e-fraud risk mitigation tools in the banking industry: Evidence from Zimbabwe. Risk Governance and Control: Financial Markets and Institutions, no. 4(2-1), pp. 116–124. DOI: https://doi.org/10.22495/rgcv4i2c1art4
Prasanthi B. V., Kanakam P., Hussain S. M. (2017) Cyber Forensic Science to Diagnose Digital Crimes- A study. International Journal of Computer Trends and Technology, no. 50(2), pp. 107–113. DOI: https://doi.org/10.14445/22312803/ijctt-v50p119
Singh S., Kumar S. (2020) Qualitative Assessment of Digital Forensic Tools. Asian Journal of Electrical Sciences, no. 9(1), pp. 25–32. DOI: https://doi.org/10.51983/ajes-2020.9.1.2372
Singh S., Singh V. K. (2023) Digital Forensic Investigation: Ontology, Methodology, and Technological Advancement. In Advancements in Cybercrime Investigation and Digital Forensics. Apple Academic Press. Pp. 137–160. DOI: https://doi.org/10.1201/9781003369479-7
Benjamine B. C., Subramaniam S. (2019) Enhancing the Financial Sector’s Cyber Security in the Digital Economy. Financial Stability Review, pp. 44–46. Available at: https://www.bnm.gov.my/documents/20124/6433062/fsr2019h1_en_box2.pdf
