Cyber Risk Case Study -The SWIFT Case

 Cyber Risk

  • Cyber risk is the risk of financial or reputational loss resulting from a breach in internal technology infrastructures. This risk revolves around a hacker accessing systems that result in theft of money, information, or identity data

The SWIFT Case

  • In February 2016, hackers accessed the SWIFT system and stole $81 billion from the Bangladesh Bank (the central bank of Bangladesh). This money was on deposit with the New York Federal Reserve Bank.
  • The access was through the use of employee credentials (how these employee credentials were obtained was never fully resolved) and a series of requests to transfer funds to various locations throughout Asia.
  • The goal was to steal $1 billion, but the Bank of New York stopped all transfers after discovering a typo (“fandations” instead of “foundations”) in one of the otherwise legitimate-looking requests.
  • After the $81 million was transferred to a bank in the Philippines, the hackers used malware to delete the record of the transfer and disable transaction confirmation notifications.
  • When the Bangladesh Bank realized that it was not receiving any transfer notifications, it rebooted their system and immediately received a flood of transfer notices, which brought the cyber theft into the light.
  • The money was never recovered because it was transferred from the bank in the Philippines to a series of casinos and promptly withdrawn

Comments

Post a Comment

Popular posts from this blog

Market Risk : Estimate VaR using a historical simulation approach

  What is VaR? Value at Risk (VaR) measures the potential loss in value of a portfolio over a defined time period for a given confidence level. It answers the question: "How much could I lose with x % x\% x % confidence over t t t days?" Historical Simulation Approach This is a non-parametric method that uses actual historical returns to estimate potential future losses. It assumes that the past distribution of returns is representative of the future. Steps to Estimate VaR using Historical Simulation Collect Historical Data Gather historical price data for the assets in the portfolio. Calculate daily returns for each asset using: r t = P t − P t − 1 P t − 1 r_t = \frac{P_t - P_{t-1}}{P_{t-1}} r t ​ = P t − 1 ​ P t ​ − P t − 1 ​ ​ where P t P_t P t ​ is the price on day t t t . Simulate Portfolio Returns Compute the daily portfolio return for each historical period. For a portfolio with n n n assets: R t = ∑ i = 1 n w i ⋅ r i , t R_t = \sum_{i=1}^n w_i \cdot r_{i,t} R ...
Read more

Market Risk Problem 1 - Calculate VaR using Parametric approach

 Assume that the profit/loss distribution for XYZ is normally distributed with an annual mean of $15 million and a standard deviation of $10 million. Calculate the VaR at the 95% and 99% confidence levels using a parametric approach. Given Data Distribution : Normal. Mean ( μ \mu μ ) : $15 million (annual). Standard deviation ( σ \sigma σ ) : $10 million (annual). Confidence levels : 95% ( z = 1.645 z = 1.645 z = 1.645 ). 99% ( z = 2.33 z = 2.33 z = 2.33 ). Formula for VaR The parametric VaR formula is: VaR = ∣ z ∣ ⋅ σ − μ \text{VaR} = |z| \cdot \sigma - \mu VaR = ∣ z ∣ ⋅ σ − μ ∣ z ∣ |z| ∣ z ∣ : z-score corresponding to the confidence level. σ \sigma σ : Standard deviation (risk/volatility). μ \mu μ : Mean (expected gain/loss). Step-by-Step Calculations 1. VaR at 95% Confidence Level ( z = 1.645 z = 1.645 z = 1.645 ) VaR 95 = ∣ 1.645 ∣ ⋅ 10 − 15 \text{VaR}_{95} = |1.645| \cdot 10 - 15 VaR 95 ​ = ∣1.645∣ ⋅ 10 − 15 VaR 95 = 16.45 − 15 = 1.45  million . \text{VaR}_{95} = 16.45 -...
Read more

Market Risk : Estimate VaR using a Parametric Approach

What is the Parametric Approach? The parametric approach assumes that portfolio returns follow a specific type of mathematical distribution (like a bell-shaped curve for normal distribution). Using some simple formulas, we calculate how much you could lose at a certain confidence level (like 95% or 99%). Steps to Estimate VaR 1. Get the Data You need: Portfolio value (how much your portfolio is worth today). Mean return (average return, usually based on past data). Volatility (how much the returns fluctuate, measured as a standard deviation). Confidence level (how certain you want to be about the worst-case loss, like 95% or 99%). 2. Use a Formula VaR is calculated as: VaR = z ⋅ Volatility ⋅ Portfolio Value \text{VaR} = z \cdot \text{Volatility} \cdot \text{Portfolio Value} VaR = z ⋅ Volatility ⋅ Portfolio Value Here: z z z is a number from statistics that depends on the confidence level: For 95%, z = 1.645 z = 1.645 z = 1.645 . For 99%, z = 2.33 z = 2.33 z = 2.33 . Multipl...
Read more