OCU C)ISSO D Discussion Lesson 17
- This topic has 9 replies, 3 voices, and was last updated 1 year, 4 months ago by Kelly Crooks.
-
AuthorPosts
-
-
March 24, 2022 at 3:02 pm #65740Jessica JagersonKeymaster
When investigating a crime, there are always means, opportunity, and motive. Discuss in detail a specific cybersecurity crime and tell a story (real or fiction) about the criminal making sure to discuss the M.O.M. of the criminal. Also, discuss how this crime affected the organization.
-
May 7, 2023 at 6:16 pm #85723Marcena DavisParticipant
One example of a cybersecurity crime is a ransomware attack. Ransomware is a type of malicious software that is designed to encrypt the victim’s data and demand payment in exchange for the decryption key.
In this hypothetical scenario, a small accounting firm was hit by a ransomware attack. The attack occurred on a weekend when the office was closed, and the attacker gained access to the firm’s network through a phishing email that was sent to an employee’s personal email account. The email appeared to be from a legitimate source, and the employee clicked on a link that downloaded the ransomware onto the firm’s network.
Means: The attacker used a phishing email to gain access to the firm’s network. Phishing is a common means of attack that relies on social engineering tactics to trick victims into divulging sensitive information or downloading malicious software.
Opportunity: The attack occurred on a weekend when the office was closed, providing the attacker with a window of opportunity to gain access to the network without detection.
Motive: The attacker’s motive was financial gain. Ransomware attacks are often carried out by cybercriminals who are looking to extort money from their victims.
The attacker demanded a ransom of $50,000 in exchange for the decryption key. The firm’s data backups were not up to date, and the cost of restoring the data manually would have been much higher than the ransom demand. After consulting with a cybersecurity expert, the firm decided to pay the ransom in order to regain access to their data.
The attack had a significant impact on the firm, as they were unable to access their data for several days and had to pay a significant amount of money to regain access. In addition, the attack damaged the firm’s reputation and eroded the trust of their clients. The firm had to invest in additional cybersecurity measures, including employee training and improved data backup procedures, to prevent future attacks.
The ransomware attack on the accounting firm was carried out using a phishing email to gain access to the network, and the attacker’s motive was financial gain. The attack had a significant impact on the firm, including financial loss, reputation damage, and loss of client trust. Preventive measures such as employee training, data backups, and improved cybersecurity measures can help prevent such attacks from occurring in the future.
-
May 10, 2023 at 4:19 pm #85837Kevin MehokParticipant
IST3100 Information Systems Security Officer
Week Five
Assignment # 3
WK5 Cyberattacks story
Kevin MehokMarcena,
Awesome job with elaborating several different scenarios. Your cybersecurity attacks could all be used to create excellent movie titles. Sadly, these very stories not movies and they actually happen. We hear and see headlines regarding these sorts of attacks on the news far too often.
Great job!
God Bless,
Kevin
-
May 14, 2023 at 5:31 pm #85925Kelly CrooksParticipant
Marcena, great post. Awesome job on explaining the ransomware scenario. I have done research about ransomware for a few of my other courses here at OCU and it seems that a vast majority of attacks are done for financial gain of some kind. I think I have only read a few cases where the attack was done for something other than financial gain. When Russia- Ukraine war started they had cybercriminals that attacked some Russian financial information just to share it with the world because they felt the war was unnecessary.
-
-
May 10, 2023 at 4:11 pm #85836Kevin MehokParticipant
IST3100 Information Systems Security Officer
Week Five
Assignment # 3
WK5 Cyberattacks story
Kevin MehokI think that sourcing an actual story for this discussion will be the most effective approach.
In this era of time, we have been hearing a lot about Russia, and Ukraine. For years, Russia has aggressively and recklessly mounted digital attacks against Ukraine, causing blackouts, attempting to skew elections, stealing data, and releasing destructive malware to rampage across the country—and the world (Newman, 2022). Sadly, Russia carried through with invading Ukraine in February, though, the digital dynamic between the two countries has changed as Russia struggles to support a massive and costly kinetic war and Ukraine mounts resistance on every front it can think of (Newman, 2022). What does this mean? Well, this means that while Russia has continued to pummel Ukrainian institutions and infrastructure with cyberattacks, Ukraine has also been hacking back with surprising success (Newman, 2022). In defense, much like our need to create and implement an action plan, Ukraine has formed a volunteer “IT Army” at the beginning of the war, which has focused on mounting DDoS attacks and disruptive hacks against Russian institutions and services to cause as much chaos as possible (Newman, 2022). Hacktivists from around the world have also turned their attention—and digital firepower—toward the conflict (Newman, 2022). In a valiant effort Ukraine has launched other types of hacks against Russia, including attacks utilizing custom malware, Russia has suffered data breaches and service disruptions at an unprecedented scale (Newman, 2022).While we discuss over and over the negatives of malware and virus attacks, cyberattacking, yes cyberattacking can also in and of itself be an incredible form of offense, in defense just as it has been for Ukraine.
I would be willing to keep approaches like this in mind as well if my organization were attacked.
God Bless,
Kevin
References:
Newman, L. (2022) https://www.wired.com/story/worst-hacks-breaches-2022/
-
May 12, 2023 at 2:26 pm #85908Marcena DavisParticipant
Hey Kevin,
Great reference based on current events. It’s incredible how cyberattacks have become such a significant aspect of modern warfare. The story you shared really highlights the importance of being prepared and having effective security measures in place. I love how really emphasizes the need for a robust action plan and the importance of timely response in the face of cyber threats. It’s a simple reminder that the consequences of digital attacks can be far-reaching and affect nations on a global scale.
-
May 15, 2023 at 2:11 pm #85942Kelly CrooksParticipant
Kevin, I liked your scenario about Russia and Ukraine. Russia was out to get Ukraine for several years. First attacking their infrastructure with viral hacks and viruses and then with an all-out war. I found it interesting to read about Ukraine’s “IT Army” fighting back against Russia. I find it interesting that malware can be used for good just as easily as it can for evil.
-
-
May 12, 2023 at 11:21 am #85888Kelly CrooksParticipant
In 2022, T-Mobile was the target of more than 100 separate incidents. Three different cybercriminal groups claimed to have access to the internal networks of the communication giant. All three of the cybercriminal groups gained access to T-Mobile data by using a Phishing scam that said customers could get a new SIM card for their devices. The customers would receive a text message that appeared as if it came from T-Mobile but was from a third party. The customers provided their phone numbers and the serial number from the SIM card.
The original goal of the cyber attack was to see how many times the three groups could access the T-Mobile network. The cybercriminal groups posted new numbers each day as to how many times they had accessed the network. It was so easy for them to gain access to the network that by May of 2022 they stopped posting numbers.
The M.O.M of these three cybercriminal groups was perfect for the taking if you ask me. The means they all used was the Phishing scam using the text message to get the customer’s information. The opportunity was there as well and it was an easy opportunity. Each group made the text messages look legit and authentic from T-Mobile, therefore having easy access to the data. The motive was a simple one, to see how many times each group could get access to T-Mobiles internal networks.
The incident in 2022 cost T-Mobile $350 million just in pay-outs to customers. These kinds of incidents stress the importance of making sure their networks are secure, making sure that staff and employees use strong passwords, and making sure that employees and staff have the proper training to detect, engage and defend against any cyber threats.
-
May 12, 2023 at 2:34 pm #85909Marcena DavisParticipant
Hey Kelly,
Wow, reading about the cyber attack on T-Mobile in 2022 really hit close to home for me. It’s scary to think that such a massive communication giant fell victim to not just one, but three different cybercriminal groups. I can only imagine how it must have felt to be one of the customers who received that deceptive text message.
Phishing scams have become alarmingly sophisticated, and it’s unsettling to know that these criminals were able to make their messages appear authentic, tricking customers into providing their personal information. The ease with which they gained access to T-Mobile’s network is truly concerning, and it’s disheartening that they even boasted about it by posting daily numbers. It serves as a reminder for all of us to stay informed and take proactive measures to protect ourselves and our data.
-
May 12, 2023 at 10:12 pm #85921Kevin MehokParticipant
Hey Kelly,
I loved your article and share regarding T-Mobile. I did not know this and I am a T_Mobile customer. I completely agree with your thoughts and the realness of this type of cybercrimal activity. Smartphones are used by all ages. This hits home for me as my youngest child wants a phone and he needs to be able to detect this sort of activity. I chuckle because he cannot even make his bed correctly yet. This makes me wonder, “What’s ahead of us?”
God Bless,
Kevin
-
-
-
AuthorPosts
- You must be logged in to reply to this topic.