Abstract
This paper aims to summarise threats of new technologies, mainly the artificial intelligence solutions employed by the financial industry. Based on the professional literature, the paper provides an assessment and prioritization of threats of different systems. The authors also estimate the threat of the various threat actors. The paper assesses the risk of artificial intelligence solutions embedded into financial systems based on the abovementioned factors. The paper also concludes that no specific audit standards are applicable for AI systems. The authors suggest developing a design, implementation, and operational guideline supporting organizations that use ICT applications during their day-to-day operations. This paper is the first to highlight new research and development action plans and provide a practical summary of this field’s currently available fragmented knowledge. It suggests some potential solutions for the issue.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Paleri, P.: National security: Imperatives and challenges, p. 521. Tata McGraw-Hill, New Delhi (2008) ISBN 978-0-07-065686-4
McAffee: What is Stuxnet? https://www.mcafee.com/enterprise/en-us/security-awareness/ransomware/what-is-stuxnet.html#overview [online] (2018)
Kaspersky: BlackEnergy APT attacks in Ukraine. https://www.kaspersky.com/resource-center/threats/blackenergy [online] (2016)
McAffee: What is Petya and NotPetya Ransomware? https://www.mcafee.com/enterprise/en-us/security-awareness/ransomware/petya.html [online] (2017)
CISA: Conti ransomware Alert (AA21-265A). https://www.cisa.gov/uscert/ncas/alerts/aa21-265a [online] (2021a)
Willett, M.: Lessons of the SolarWinds hack. https://www.iiss.org/blogs/survival-blog/2021/04/lessons-of-the-solarwinds-hack (2021)
IBM Cost of a Data Breach Report 2021 explores ways to help mitigate risk. https://www.ibm.com/security/data-breach [online]
GOV.UK: UK exposes Russian cyber attacks. https://www.gov.uk/government/news/uk-exposes-russian-cyber-attacks [online] (2018)
Nyikes, Z., Nyikes, Z.: Digital competence and the safety awareness base on the assessments results of the Middle East-European generations. Proc. Manuf. (2351-9789). 22, 916–922 (2018). https://doi.org/10.1016/j.promfg.2018.03.130
Hakala, J., Melnychuk, J.: Russia’s strategy in cyberspace. NATO Strategic Communications Centre of Excellence (2021). ISBN: 978-9934-564-90-1
Nyikes, Z.: Contemporary digital competency review. Interdiscip. Descr. Complex Syst. (1334-4684 1334-4676) 16(1), 124–131 (2018). https://doi.org/10.7906/indecs.16.1.9
CISA: China cyber threat overview and advisories. https://www.cisa.gov/uscert/china [online] (2021b)
Nyikes, Z.: Creation proposal for the digital competency framework of the middle-east European region. Key Eng. Mater. (1013-9826 1662-9795) 755, 106–111 (2017). https://doi.org/10.4028/www.scientific.net/KEM.755.106
Mangan, D.: North Korean hackers charged in massive cryptocurrency theft scheme. https://www.cnbc.com/2021/02/17/north-korean-hackers-charged-in-massive-cryptocurrency-theft-scheme.html [online] (2021)
CISA: CISA alert (AA21-048A). https://www.cisa.gov/uscert/ncas/alerts/2021 [online] (2021c)
Howell O’Neill, P.: The fall and rise of a spyware empire. https://www.technologyreview.com/2019/11/29/131803/the-fall-and-rise-of-a-spyware-empire/ [online] (2019)
Bing, C., Schectman, J.: Project Raven: Inside The UAE’s secret hacking team of American mercenaries. https://www.reuters.com/investigates/special-report/usa-spying-raven/ [online] (2019)
Corera, G.: Pegasus scandal: Are we all becoming unknowing spies? https://www.bbc.com/news/technology-57910355 [online] (2019)
Montibello, K.: Hacking-as-a-service: How this new offering is changing the threat landscape. https://intsights.com/blog/hacking-as-a-service [online] (2018)
Nyikes, Z.: Information security issues of RFID. In: Szakál, A. (ed.) SAMI 2016: IEEE 14th International Symposium on Applied Machine Intelligence and Informatics 2016, pp. 111–114. IEEE, New York (2016). ISBN: 9781467387392
FireEye: APT28: At the center of the storm. https://www.mandiant.com/media/10256/download [online] (2017)
Nyikes, Z., Rajnai, Z.: Big Data, As Part of the Critical Infrastructure. In: Szakál, A. (ed.) SISY 2015, IEEE 13th International Symposium on Intelligent Systems and Informatics: Proceedings, pp. 217–222. IEEE, New York (2015). ISBN: 9781467393881
Comiter, M.: Attacking Artificial Intelligence AI’s security vulnerability and what policymakers can do about it. https://www.belfercenter.org/publication/AttackingAI [online] (2021)
Kovács, T.A., Tokody, D.: In situ testing of rail damages in accordance with Industry 4.0. J. Phys. Conf. Ser. (1742-6588 1742-6596). 1045, 1–6 (2018). https://doi.org/10.1088/1742-6596/1045/1/012032
Dickson, B.: Machine learning security vulnerabilities are a growing threat to the web, report highlights. https://portswigger.net/daily-swig/machine-learning-security-vulnerabilities-are-a-growing-threat-to-the-web-report-highlights [online] (2021)
Bholat, D., Gharbawi, M., Thew, O.: The impact of Covid on machine learning and data science in UK banking | Bank of England. Bank of England Q. Bull. Q4, 2020 (2020)
BaFin: Big data and artificial intelligence: Principles for the use of algorithms in decision-making processes (2021)
Calzolari, G.: Artificial Intelligence market and capital flows – AI and the financial sector at crossroads pp. 14–18. European Parliament, PE 662.912 – May 2021 (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature B.V.
About this paper
Cite this paper
Illési, Z., Honfi, V.S. (2022). A Security Assessment of AI, Related to the Financial Institutions. In: Kovács, T.A., Nyikes, Z., Fürstner, I. (eds) Security-Related Advanced Technologies in Critical Infrastructure Protection. NATO Science for Peace and Security Series C: Environmental Security. Springer, Dordrecht. https://doi.org/10.1007/978-94-024-2174-3_7
Download citation
DOI: https://doi.org/10.1007/978-94-024-2174-3_7
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-024-2173-6
Online ISBN: 978-94-024-2174-3
eBook Packages: Physics and AstronomyPhysics and Astronomy (R0)