Case Study on Qatar National bank attack Assignment PDF
VerifiedAdded on 2021/05/27
|8
|1805
|395
AI Summary
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CYBER CRIME RESEARCH
Cyber crime research
Name of the Student:
Name of the University:
Author note:
Cyber crime research
Name of the Student:
Name of the University:
Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CYBER CRIME RESEARCH
Table of Contents
1. Introduction:..............................................................................................................2
2. Cyber crime case studies:........................................................................................2
2.1 Case Study 1: DDOS attack 2015-.....................................................................2
2.2 Case Study 2: QNB Qatar National bank attack-...............................................2
2.3 Case Study 3: Shamoon attack-.........................................................................3
2.4 Case Study 4: Sharjah Bank attacked-...............................................................3
3. Additional measures that can be taken to prevent cyber attacks.............................4
4. Conclusion:...............................................................................................................4
5. References:..............................................................................................................5
Table of Contents
1. Introduction:..............................................................................................................2
2. Cyber crime case studies:........................................................................................2
2.1 Case Study 1: DDOS attack 2015-.....................................................................2
2.2 Case Study 2: QNB Qatar National bank attack-...............................................2
2.3 Case Study 3: Shamoon attack-.........................................................................3
2.4 Case Study 4: Sharjah Bank attacked-...............................................................3
3. Additional measures that can be taken to prevent cyber attacks.............................4
4. Conclusion:...............................................................................................................4
5. References:..............................................................................................................5
2CYBER CRIME RESEARCH
1. Introduction:
In this connected world, cyber crime has gained a strong foothold. The main
purpose of this report is to study few instances of cyber crime and to reflect on that.
The essay will further evaluate number of ways a crime can happen. Finally, it will
propose few steps to mitigate the risk. Firstly, there is a need to know what cyber
crime is. It is a type of criminal activity which involves networked device or a
computer. Cyber criminals in order to generate profit carry out cyber crimes and
sometimes crimes are not committed only to earn but also defame and damage
corporations or individuals.
2. Cyber crime case studies:
2.1 Case Study 1: DDOS attack 2015-
An organization or an individual is prone to getting hacked if their networks
are not secure. Changes in terms of quality and quantity can be made in a system by
hacking. On hacking a bank’s own database a hacker can get access to private
information about customers and they may succeed in stealing money. The world’s
most dangerous hacking community goes by the name “Anonymous”. In the past
they broke into several United States websites and also the NASA website.
However, this time they tried to play with the oil rich gulf countries (Arab News,
2018). They used DDoS (Distributed denial of service) to hamper the banking
operations in major banks. In such an attack servers are affected thereby disrupting
online and critical operations of the bank. Banking sectors in the UAE were
frightened by the possibility of future attacks. Additionally, it can be observed that
banks in UAE need a proper security framework to address the challenges posed by
cyber attacks. Investment in security framework is a must for mitigating risks.
2.2 Case Study 2: QNB Qatar National bank attack-
Phishing is one of the common ways used by entry level hackers to steal
information. Hackers to swiftly steal critical information without user’s knowledge use
Spyware (Khonji, Iraqi & Jones, 2013). Additionally, a modern way of hacking into
one’s computer is by remotely activating certain codes that is done by infecting
someone’s computer by a virus and then the hacker can activate the codes. This
1. Introduction:
In this connected world, cyber crime has gained a strong foothold. The main
purpose of this report is to study few instances of cyber crime and to reflect on that.
The essay will further evaluate number of ways a crime can happen. Finally, it will
propose few steps to mitigate the risk. Firstly, there is a need to know what cyber
crime is. It is a type of criminal activity which involves networked device or a
computer. Cyber criminals in order to generate profit carry out cyber crimes and
sometimes crimes are not committed only to earn but also defame and damage
corporations or individuals.
2. Cyber crime case studies:
2.1 Case Study 1: DDOS attack 2015-
An organization or an individual is prone to getting hacked if their networks
are not secure. Changes in terms of quality and quantity can be made in a system by
hacking. On hacking a bank’s own database a hacker can get access to private
information about customers and they may succeed in stealing money. The world’s
most dangerous hacking community goes by the name “Anonymous”. In the past
they broke into several United States websites and also the NASA website.
However, this time they tried to play with the oil rich gulf countries (Arab News,
2018). They used DDoS (Distributed denial of service) to hamper the banking
operations in major banks. In such an attack servers are affected thereby disrupting
online and critical operations of the bank. Banking sectors in the UAE were
frightened by the possibility of future attacks. Additionally, it can be observed that
banks in UAE need a proper security framework to address the challenges posed by
cyber attacks. Investment in security framework is a must for mitigating risks.
2.2 Case Study 2: QNB Qatar National bank attack-
Phishing is one of the common ways used by entry level hackers to steal
information. Hackers to swiftly steal critical information without user’s knowledge use
Spyware (Khonji, Iraqi & Jones, 2013). Additionally, a modern way of hacking into
one’s computer is by remotely activating certain codes that is done by infecting
someone’s computer by a virus and then the hacker can activate the codes. This
3CYBER CRIME RESEARCH
may corrupt or encrypt the files on the computer. The user then has to pay certain
amounts to the criminals to decrypt the files. In the year 2016, some hackers
managed to steal personal information and expose that information in the social
media. Account numbers and passwords of defense personals, top politicians were
released. The data leak also contained references to hundreds and thousands of
alleged transactions records of bank customers. Additionally, the data leak was
contained in 1.4 GB file which also included the password and names of thousands
of bank customers (Ft.com, 2018). The file also contained details of staff of a news
outlet- ‘Al Jazeera’, defense and intelligence officials and members of Qatar ruling
family. It can be observed that bank’s defense against this threat was weak. A flaw
can exist in the software that the banks use and this vulnerability can be used by a
hacker.
2.3 Case Study 3: Shamoon attack-
Malware is a type of software that is designed to disrupt damage and gain
unauthorized access to one’s computer. Premium software such as malware bytes
can help in this. Malware named “Shamoon” also infected Qatar’s RasGas, which is
one of the liquefied natural gas producers (Bronk & Tikk-Ringas, 2013). In October
2014 BAE systems (British security and defense firm) rolled out a product Industrial
Protect to protect and safeguard control systems in industries. They were hoping to
cash in on companies present in Arab Gulf and in North American countries. Several
Saudi banks were on high alert because of this. In the year 2012 the shamoon virus
wreaked havoc at Saudi Aramco. This virus again returned on 2018 in the kingdom
leaving a trail of destruction. At least four private sector companies and three
government agencies were left offline for 48 hours. This incident also used an
identical method for infiltrating the system. Firstly the virus propagates itself and then
gains control and then it destroys the intended target (Ed Clowes, 2018). From
analysis, it can be observed that the latest breach has happened due to poor
adherence to security protocol. Basic security practices were not followed by the
companies such as allowing remote access, use of VPNs and protecting passwords.
It can be seen in most of the cases awareness of security issues were lacking.
2.4 Case Study 4: Sharjah Bank attacked-
A bank based in Sharjah was attacked by a criminal with pseudo identity
‘Buba’. He managed to steal all the personal information of clients from banks
may corrupt or encrypt the files on the computer. The user then has to pay certain
amounts to the criminals to decrypt the files. In the year 2016, some hackers
managed to steal personal information and expose that information in the social
media. Account numbers and passwords of defense personals, top politicians were
released. The data leak also contained references to hundreds and thousands of
alleged transactions records of bank customers. Additionally, the data leak was
contained in 1.4 GB file which also included the password and names of thousands
of bank customers (Ft.com, 2018). The file also contained details of staff of a news
outlet- ‘Al Jazeera’, defense and intelligence officials and members of Qatar ruling
family. It can be observed that bank’s defense against this threat was weak. A flaw
can exist in the software that the banks use and this vulnerability can be used by a
hacker.
2.3 Case Study 3: Shamoon attack-
Malware is a type of software that is designed to disrupt damage and gain
unauthorized access to one’s computer. Premium software such as malware bytes
can help in this. Malware named “Shamoon” also infected Qatar’s RasGas, which is
one of the liquefied natural gas producers (Bronk & Tikk-Ringas, 2013). In October
2014 BAE systems (British security and defense firm) rolled out a product Industrial
Protect to protect and safeguard control systems in industries. They were hoping to
cash in on companies present in Arab Gulf and in North American countries. Several
Saudi banks were on high alert because of this. In the year 2012 the shamoon virus
wreaked havoc at Saudi Aramco. This virus again returned on 2018 in the kingdom
leaving a trail of destruction. At least four private sector companies and three
government agencies were left offline for 48 hours. This incident also used an
identical method for infiltrating the system. Firstly the virus propagates itself and then
gains control and then it destroys the intended target (Ed Clowes, 2018). From
analysis, it can be observed that the latest breach has happened due to poor
adherence to security protocol. Basic security practices were not followed by the
companies such as allowing remote access, use of VPNs and protecting passwords.
It can be seen in most of the cases awareness of security issues were lacking.
2.4 Case Study 4: Sharjah Bank attacked-
A bank based in Sharjah was attacked by a criminal with pseudo identity
‘Buba’. He managed to steal all the personal information of clients from banks
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4CYBER CRIME RESEARCH
database. He threatened to release all the information in Social media if his demand
for three million dollars in bit coins were not met by the bank (Fareed Rahman,
2018). All banks must have preventive measures. The government should take steps
to create a cyber security body (CSB) that is responsible for defining and framing
security policies for the entire country and it should be independent and should not
be a part of any public sector or be under any ministry. The Cyber Security Body
should create a strategy that is aligned with national interest and the regional
security frameworks. Additionally, Cyber Security Body can create a national security
dialogue taking into views of all the stakeholders and colluding with them. Building
preventive capabilities should be a focal point for Cyber Security Body. Now, this
should include the framing of security standards and policies. Apart from that Cyber
Security Body needs to create a standard compliance body that would ensure the
smooth implementation of the standard and policies. After the completion of
establishing a preventive body there is a need to create a reactive body such as tech
emergency team that should be ready to put their foot in when there is a attack or a
probability of an attack. The Cyber Security Body should be in complete control of
the readiness team that is the strategies needs to be aligned. A sort of talent search
program should be there. This is a very complex task to be executed at a national
level. There is a need to somehow create an interest level among students so that
they can consider it as a career option. This includes the inclusion of cyber security
as a subject in schools and universities.
3. Additional measures that can be taken to prevent cyber attacks.
Certain measures can be taken to prevent cyber attacks:
Firstly, there is a need to avoid clicking links in suspicious emails. Secondly,
unknown email attachment should not be opened without proper scanning. Settings
should be turned off which allows automatic downloads from emails (Walker &
Associates Insurance, 2018). A user also needs to avoid sharing information that is
personal to other persons unless that person is trusted. Additionally, a user needs to
create a habit to creating complex passwords (Urgencequebec.gouv.qc.ca, 2018). A
user also needs to update antivirus software and browser regularly. In order to be on
the safe side, an individual must invest in premium anti-malwares and anti-viruses.
database. He threatened to release all the information in Social media if his demand
for three million dollars in bit coins were not met by the bank (Fareed Rahman,
2018). All banks must have preventive measures. The government should take steps
to create a cyber security body (CSB) that is responsible for defining and framing
security policies for the entire country and it should be independent and should not
be a part of any public sector or be under any ministry. The Cyber Security Body
should create a strategy that is aligned with national interest and the regional
security frameworks. Additionally, Cyber Security Body can create a national security
dialogue taking into views of all the stakeholders and colluding with them. Building
preventive capabilities should be a focal point for Cyber Security Body. Now, this
should include the framing of security standards and policies. Apart from that Cyber
Security Body needs to create a standard compliance body that would ensure the
smooth implementation of the standard and policies. After the completion of
establishing a preventive body there is a need to create a reactive body such as tech
emergency team that should be ready to put their foot in when there is a attack or a
probability of an attack. The Cyber Security Body should be in complete control of
the readiness team that is the strategies needs to be aligned. A sort of talent search
program should be there. This is a very complex task to be executed at a national
level. There is a need to somehow create an interest level among students so that
they can consider it as a career option. This includes the inclusion of cyber security
as a subject in schools and universities.
3. Additional measures that can be taken to prevent cyber attacks.
Certain measures can be taken to prevent cyber attacks:
Firstly, there is a need to avoid clicking links in suspicious emails. Secondly,
unknown email attachment should not be opened without proper scanning. Settings
should be turned off which allows automatic downloads from emails (Walker &
Associates Insurance, 2018). A user also needs to avoid sharing information that is
personal to other persons unless that person is trusted. Additionally, a user needs to
create a habit to creating complex passwords (Urgencequebec.gouv.qc.ca, 2018). A
user also needs to update antivirus software and browser regularly. In order to be on
the safe side, an individual must invest in premium anti-malwares and anti-viruses.
5CYBER CRIME RESEARCH
4. Conclusion:
By looking at the instances of cyber crime in the report, it can be concluded
that by framing preventive measures, strategies and policies, loss or theft of data can
be greatly minimized. A government of a country being the only stakeholders has the
reach and power for implementing policy changes, develop national security
framework and also to ramp up collaboration among different sectors. There is also a
need for huge investments in digital technologies which is required to fix the existing
cyber infrastructure.
4. Conclusion:
By looking at the instances of cyber crime in the report, it can be concluded
that by framing preventive measures, strategies and policies, loss or theft of data can
be greatly minimized. A government of a country being the only stakeholders has the
reach and power for implementing policy changes, develop national security
framework and also to ramp up collaboration among different sectors. There is also a
need for huge investments in digital technologies which is required to fix the existing
cyber infrastructure.
6CYBER CRIME RESEARCH
5. References:
Arab News. (2018). 12% Saudi firms subjected to DDoS attacks. [online] Available
at: http://www.arabnews.com/node/932371/saudi-arabia [Accessed 7 May 2018].
Bronk, C. and Tikk-Ringas, E., 2013. Hack or attack? Shamoon and the Evolution of
Cyber Conflict.
Ed Clowes, S. (2018). Destructive computer virus ‘Shamoon’ hits Saudi Arabia for
third time. [online] GulfNews. Available at:
https://gulfnews.com/business/sectors/technology/destructive-computer-virus-
shamoon-hits-saudi-arabia-for-third-time-1.1970590 [Accessed 10 May 2018].
Fareed Rahman, S. (2018). UAE Central Bank moves to deal with cyber attacks.
[online] GulfNews. Available at: https://gulfnews.com/business/sectors/banking/uae-
central-bank-moves-to-deal-with-cyber-attacks-1.2128963 [Accessed 7 May 2018].
Ft.com. (2018). Qatar National Bank hit by cyber attack. [online] Available at:
https://www.ft.com/content/7faf84c4-0c98-11e6-b41f-0beb7e589515 [Accessed 10
May 2018].
Khonji, M., Iraqi, Y. and Jones, A., 2013. Phishing detection: a literature
survey. IEEE Communications Surveys & Tutorials, 15(4), pp.2091-2121.
Urgencequebec.gouv.qc.ca. (2018). Cyber attack: Tips and safety instructions -
Urgence Québec. [online] Available at:
http://www.urgencequebec.gouv.qc.ca/En/situation-urgence/Pages/cyberattaque.asp
x [Accessed 7 May 2018].
Walker & Associates Insurance. (2018). 9 Ways to Prevent Cyber Attacks | Walker &
Associates Insurance. [online] Available at: https://www.walkeragency.com/9-ways-
prevent-cyber-attacks/ [Accessed 7 May 2018].
5. References:
Arab News. (2018). 12% Saudi firms subjected to DDoS attacks. [online] Available
at: http://www.arabnews.com/node/932371/saudi-arabia [Accessed 7 May 2018].
Bronk, C. and Tikk-Ringas, E., 2013. Hack or attack? Shamoon and the Evolution of
Cyber Conflict.
Ed Clowes, S. (2018). Destructive computer virus ‘Shamoon’ hits Saudi Arabia for
third time. [online] GulfNews. Available at:
https://gulfnews.com/business/sectors/technology/destructive-computer-virus-
shamoon-hits-saudi-arabia-for-third-time-1.1970590 [Accessed 10 May 2018].
Fareed Rahman, S. (2018). UAE Central Bank moves to deal with cyber attacks.
[online] GulfNews. Available at: https://gulfnews.com/business/sectors/banking/uae-
central-bank-moves-to-deal-with-cyber-attacks-1.2128963 [Accessed 7 May 2018].
Ft.com. (2018). Qatar National Bank hit by cyber attack. [online] Available at:
https://www.ft.com/content/7faf84c4-0c98-11e6-b41f-0beb7e589515 [Accessed 10
May 2018].
Khonji, M., Iraqi, Y. and Jones, A., 2013. Phishing detection: a literature
survey. IEEE Communications Surveys & Tutorials, 15(4), pp.2091-2121.
Urgencequebec.gouv.qc.ca. (2018). Cyber attack: Tips and safety instructions -
Urgence Québec. [online] Available at:
http://www.urgencequebec.gouv.qc.ca/En/situation-urgence/Pages/cyberattaque.asp
x [Accessed 7 May 2018].
Walker & Associates Insurance. (2018). 9 Ways to Prevent Cyber Attacks | Walker &
Associates Insurance. [online] Available at: https://www.walkeragency.com/9-ways-
prevent-cyber-attacks/ [Accessed 7 May 2018].
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CYBER CRIME RESEARCH
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.