Case Study
COMPUTER STUDIES
Bicutan Branch
Submitted by:
Member
Dormido, Rea R.
Rivera, Angel
Sulapas, Justin A.
Section
BS1EB
Submitted to:
This case study examines the recent cyberattack on the United Coconut Planters
Bank (UCPB), which involved unauthorized access and disruption of its digital
services, raising critical concerns about security measures in the banking sector.
Established in 1975, UCPB has played a significant role in supporting the coconut
industry and promoting rural development in the Philippines.
The purpose of this study is to enhance cybercrime protection and promote best
practices in authentication techniques for financial transactions across local banks.
The analysis further highlights UCPB's business model, which integrates financial
services with social responsibility, focusing on providing loans, savings products,
and investment opportunities for farmers and agribusinesses.
The study recommends strategic measures for UCPB to enhance its market position,
including adopting innovative technologies, forging partnerships with agricultural
organizations, and emphasizing customer service. By aligning its strategies with its
social mission, UCPB can strengthen its role as a leader in promoting rural
development and financial inclusion in the Philippines while ensuring robust
cybersecurity measures.
In 2020, the United Coconut Planters Bank (UCPB), one of the leading financial
institutions in the Philippines, became the target of a significant cyber attack on
Independence Day, June 12. This incident marked a critical moment in the realm of
cybersecurity for financial institutions in the country, highlighting vulnerabilities that
can be exploited by malicious actors.
The attack, which involved the unauthorized access and disruption of UCPB's digital
services, raised serious concerns about the security measures in place within the
banking sector. Cybersecurity experts and analysts have noted that such attacks are
becoming increasingly sophisticated, often leveraging a combination of phishing
techniques, malware, and social engineering to infiltrate systems. The UCPB
incident underscored the necessity for robust cybersecurity frameworks and the
continuous monitoring of digital infrastructures to safeguard sensitive information
and maintain customer trust.
In the aftermath of the attack, UCPB took immediate steps to secure its systems,
launching a thorough investigation to assess the extent of the breach and to mitigate
future risks. This incident not only impacted the bank’s operations but also served
as a wake-up call for other financial institutions, emphasizing the importance of
enhancing their cybersecurity protocols in an era where digital banking is the norm.
The main issue is the cyber theft of PHP 167 million from UCPB, a state-run bank
in the Philippines. The cyber-attack exposed vulnerabilities in UCPB’s systems,
specifically during a maintenance period, where malware was installed that
enabled unauthorized fund transfers. This breach raises significant concerns
about the security of the banking sector in the Philippines.
This incident echoes previous breaches, like the Bangladesh Bank heist involving
RCBC, signaling that Philippine banks may need to strengthen their
cybersecurity frameworks to handle evolving threats. Additionally, the BSP’s
emphasis on "close coordination" and its promise to pursue cybersecurity
efforts across financial institutions reflect an acknowledgment that regulatory
oversight and stronger safeguards are crucial for maintaining public trust.
Authorities believed a syndicate of Nigerians and Filipinos was responsible for the
heist. The syndicate allegedly made 57 withdrawals from a single Automated
Teller Machine (ATM) and emptied the machine's entire stock of roughly 4 million
pesos in cash before transferring the UCPB funds into their bank accounts. Many
account holders expressed disappointment, fearing that their money had also been
stolen. Assuring account holders that their funds were unaffected by the theft and
that government authorities would strengthen the bank's security to prevent a
recurrence of the cyberattack, Diokno (2020) stated, "Be
assured, in pursuit of our cybersecurity agenda, we continue to collaborate and
engage the BSP Supervised Financial Institutions to ensure the safety and integrity
of the financial system as well as the protection of the financial consumers." As a
result of the cyberattack, government authorities tightened the security and
systems of every bank in the Philippines.
Due to the UCPB cyber attack, several alternative solutions were implemented:
2. Recovery of the Stolen Funds: In order to track down the stolen funds,
UCPB and Bangko Sentral ng Pilipinas (BSP) agreed to work with the
government and law enforcement following the incident. Although the
procedure was challenging, the government managed to retrieve the lost
money.
The UCPB and the Bangko Sentral ng Pilipinas (BSP) have reassured the public
regarding the security of customer deposits following the theft of ₱167 million.
However, this incident highlights the increasing sophistication and global reach of
cybercrime, as foreign hackers were able to exploit operational downtimes and
deploy malware to infiltrate banking systems. It underscores the growing
challenges that financial institutions face worldwide in protecting against rapidly
evolving threats.
The cyber-attack carried out on the United Coconut Planters Bank (UCPB) during the
Independence Day weekend in 2020 not only caused huge financial losses but also
exposed weaknesses in the bank’s information technology (IT) systems. This
section proposes recommendations to enhance the cybersecurity of UCPB and
prevent the recurrence of such incidents.
7. Data Protection and Privacy - Encrypt sensitive data both at rest and in transit
to protect it from unauthorized access. Implement Data Loss Prevention (DLP)
solutions to monitor and control data movement within and outside the
organization. Maintain regular backups of critical data and test the recovery
process to ensure its effectiveness.
10. Enhanced Cybercrime Protection - Local banks need to adopt global best
practices, such as installing firewalls and security software across their
entire IT infrastructure to prevent unauthorized entry into their systems. Banks
also need to adopt best practices in authentication techniques for financial
transactions, including the use of smart cards, facial recognition, and
fingerprint sensors in automated teller machines (ATMs). The first step must
be a comprehensive upgrade in cybersecurity that fortifies the banks’
information technology (IT) systems, the main gateway criminals use to
attack financial institutions and their clients. Any gaps in a bank’s internet
infrastructure can be easily exploited by expert hackers, as was evident in the
UCPB case, where the perpetrators allegedly took advantage of a weekend
window when the bank was upgrading its IT security system.