Case Study Tracking the Cybercrime Trail

Cybersecurity is a critical factor that organizations should consider, especially in the current era of cloud computing. This is because online transactions provide an opportunity for intelligent criminals to use their brains to commit cybercrimes, instead of the conventional methods of using weapons (Wood, 2014). This paper will analyze a case study of Company A’s cybercrime with a focus on the steps taken to resolve the issue, the purpose of each stage of investigation, and the type of cybercrime analyzed in the article.

Problems identified and steps taken to solve them

Investigators identified that the first hacker had created a backdoor program that allowed him and subsequent hackers to access critical information. This occurred because Company A had failed to handle the mag-stripe information using the proper security standards. This allowed the hackers to produce duplicate credit cards that they used to perform transactions (Bryan, 2014). This problem was handled in three major steps. The first step was purging the sensitive cardholder information from the organization’s system. This information was stored in the organization’s system without adhering to the industry standards. The second step involved taking the compromised systems offline and configuring the logging as well as auditing functions. This would ensure that any unauthorized access that was attempted would be detected and reported to the management immediately. The third step involved the setting of traps to catch the hacker, which was a relative assurance that subsequent attempts to hack the system would stop.

Investigation steps and their goals

Step 1: Discovery process

The step was intended to help investigators in getting advanced information. The strategy employed was an exhaustive process of information discovery.

Step 2: In-depth analysis

The step was intended to help investigators identify the fraud patterns. This was achieved by assessing the procedures that Company A used to store the credit card information as well as the type of information that the company stored in its system.

Step 3: Studying the layout of the company

This was done to help investigators determine parts of the organization’s system that were exposed to easy access by the hacker. An in-depth analysis of the layout diagrams was instrumental in the achievement of this step.

Step 4: Involvement of the law enforcers

The step was undertaken to help the private investigators in assembling critical information that could result in the capture and prosecution of the hacker. This step was initiated by discussions of specifics of a forensic investigation, including forensic tools that would be required.

Step 5: Data collection

The purpose was to allow the investigators to acquire critical information that could help them identify the underlying problems within the organization’s system. The two groups of investigators collected data on the mirror image of the firm. The investigators then collected information about the breach (including how it occurred and people within the organization who could access servers) using interviews as the main strategy.

Step 6: Footprints

The purpose of this step was to determine how the hacker gained access into the organization’s system. The strategy employed in this step was an in-depth analysis of the audit logs and files.

Step 7: Live prey

The step was intended to help investigators catch the hacker in the act. The strategy applied was close monitoring of the dates and times when the hacker accessed the system.

Step 7: Sewing up the breaches

The purpose was to repair the breach and protect the cardholders’ data from further breach. This was done by preventing the attacker’s access to the private information of the cardholders.

Step 8: Setting the trap

The step was undertaken to help the FBI investigators catch the hackers. This would be accomplished by setting dummy data and using EtherPeek software in order to trap the hacker in the act.

Step 9: Aftermath

The purpose was to determine the extent of fraud and the number of credit cards affected. This was achieved by analyzing all credit cards.

Step 10: Recommendations

The purpose was to ensure that breaches do not occur in the future. The strategy used was the formulation of protective strategies, such as the addition of an internal IT team.

Other purposes of investigation

Apart from catching the hacker, investigators needed added information to prosecute the attacker. In addition, investigators needed information that could help them close the backdoor program and make recommendations that could help Company A prevent future threats of attack on its system. This could only be achieved if investigators had a detailed understanding of the organization’s system and its weak points.

Type of cybercrime

The cybercrime involved in the article is identity theft. This is because the hacker had stolen the information about the cardholders, which was then used to conduct illegal transactions.

Conclusion

The type of cybercrime described in the article “Tracking the Cybercrime Trail” can be categorized as identity theft. The main problem identified is that the hacker had made a backdoor through which he could access the private information of the credit card holders. The problem was addressed by removing the critical information that the hacker used to create copies of credit cards from the organization’s system and recommending strategies that would prevent future attacks.

References

Bryan, S. (2014, September 1). Tracking the cybercrime trail: In addition to knowing how to follow the bits of evidence, forensic detectives must know how to work with law enforcers. Cengage Learning. Retrieved February 12, 2015, from http://business.highbeam.com/1074/article-1G1-122769624/tracking-cybercrime-trail-addition-knowing-follow-bits

Wood, C. (2014, October 2). The importance of cyber security in the age of the cloud and internet of things. Center for Digital Government. Retrieved February 12, 2015, from http://www.govtech.com/security/The-Importance-of-Cybersecurity-in-the-Age-of-the-Cloud-and-Internet-of-Things.html
