Understanding and Preventing Cyber Fraud
VerifiedAdded on 2022/12/08
|9
|2125
|442
AI Summary
This document discusses the hacking incident of British Airways, the different types of cyber-crimes, the criminological theory of social learning, and strategies to prevent cybercrime. It explores the impact of the hacking incident on stakeholders and the company's response. The document also suggests the development of social learning prevention programs and contemporary prevention programs as strategies to address cybercrime.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
UNDERSTANDING AND
PREVENTING CYBER FRAUD
Running Head: UNDERSTANDING AND PREVENTING CYBER FRAUD
0
9 / 5 / 2 0 1 9
Student’s Name
PREVENTING CYBER FRAUD
Running Head: UNDERSTANDING AND PREVENTING CYBER FRAUD
0
9 / 5 / 2 0 1 9
Student’s Name
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
UNDERSTANDING AND PREVENTING CYBER FRAUD
1
Contents
Question 1........................................................................................................................................2
Question 2........................................................................................................................................2
Question 3........................................................................................................................................3
Question 4........................................................................................................................................5
References........................................................................................................................................7
1
Contents
Question 1........................................................................................................................................2
Question 2........................................................................................................................................2
Question 3........................................................................................................................................3
Question 4........................................................................................................................................5
References........................................................................................................................................7
UNDERSTANDING AND PREVENTING CYBER FRAUD
2
Question 1
The case selected for this report is the hacking incident of British Airways. The lead
victims of the incident were nearly 380000 customers of British Airways who have booked their
flight with this company (Economist.com, 2018). In this incident, hackers stole the personal
details of these customers. These details included name and address, login credentials, payment
details, and travel booking details. The offenders of the incident have not been confirmed but
identified as Magecart. This is a clandestine group of highly proficient hackers who specialize in
skimming credit cards on major sites across the web. The group of hacker stole the personal data
of the customer. Not only the customers but also other stakeholders such as shareholders and
government been affected by the incident. Due to penalties and a decrease in share prices,
investors of the company also faced loss out of the subjective hacking. Investors who invested
their money in the company lost their trust in the same.
If to discuss the outcomes of the case, this is to state that the company lost the trust of
stakeholders and goodwill in the market up to a significant level. In conjunction with this, The
Information Commissioner's Office in the UK revealed its plan to impose a penalty worth £183.4
million to British airways (Sandle, 2019). The further company confirmed to repay every direct
loss to customers that happened to them because of this incident which lead high cost to the
company.
Question 2
2
Question 1
The case selected for this report is the hacking incident of British Airways. The lead
victims of the incident were nearly 380000 customers of British Airways who have booked their
flight with this company (Economist.com, 2018). In this incident, hackers stole the personal
details of these customers. These details included name and address, login credentials, payment
details, and travel booking details. The offenders of the incident have not been confirmed but
identified as Magecart. This is a clandestine group of highly proficient hackers who specialize in
skimming credit cards on major sites across the web. The group of hacker stole the personal data
of the customer. Not only the customers but also other stakeholders such as shareholders and
government been affected by the incident. Due to penalties and a decrease in share prices,
investors of the company also faced loss out of the subjective hacking. Investors who invested
their money in the company lost their trust in the same.
If to discuss the outcomes of the case, this is to state that the company lost the trust of
stakeholders and goodwill in the market up to a significant level. In conjunction with this, The
Information Commissioner's Office in the UK revealed its plan to impose a penalty worth £183.4
million to British airways (Sandle, 2019). The further company confirmed to repay every direct
loss to customers that happened to them because of this incident which lead high cost to the
company.
Question 2
UNDERSTANDING AND PREVENTING CYBER FRAUD
3
Different types of cyber-crimes are there. In different cases, criminals use different
techniques. Some most prevalent cyber-crimes are phishing, hacking, scamming and identity
theft (Kazmeyer, 2019). In the case study selected hereby, hacking has been done. Website of the
company has been used in this hacking. Hacking can be understood as the identification and
exploitation of the weakness of the computer system or networks. Hackers hack passwords, gain
backdoor access, or attack the whole device or networks.
In the given case, attackers installed credit card skimming malware on the networks of
British Airways. RiskIQ has assessed the whole incident; which is a cyber-security company
exists there. It has been assumed that hackers used a cross-site scripting attack. This is a kind of
attack where hackers identified less secured websites. They further develop their code and inject
those codes to the poorly secured websites with the intention to modify the behavior of the
victim's site. It was a case of interception of data as hackers were doing this for months
(Informationsecuritybuzz, 2018). In other words to say that the incident of hacking was not been
done overnight. As per Yonathan Klijnsma, one of the threat researcher engaged in the study of
this incident found that just before the hacking event, JavaScript of the website has been
modified. To inject their code to the website, this script has been modified. This was the
moment, where hackers accessed to all the personal data of customers. Later on, the company
confirmed that the app of the same was also not remained secure as the same JavaScript has been
used in the development and operations of the website as well as app.
Question 3
The criminological theory identified here is Social learning theory. This theory explains
socialization and result of the same on the development of individual character. The theory
3
Different types of cyber-crimes are there. In different cases, criminals use different
techniques. Some most prevalent cyber-crimes are phishing, hacking, scamming and identity
theft (Kazmeyer, 2019). In the case study selected hereby, hacking has been done. Website of the
company has been used in this hacking. Hacking can be understood as the identification and
exploitation of the weakness of the computer system or networks. Hackers hack passwords, gain
backdoor access, or attack the whole device or networks.
In the given case, attackers installed credit card skimming malware on the networks of
British Airways. RiskIQ has assessed the whole incident; which is a cyber-security company
exists there. It has been assumed that hackers used a cross-site scripting attack. This is a kind of
attack where hackers identified less secured websites. They further develop their code and inject
those codes to the poorly secured websites with the intention to modify the behavior of the
victim's site. It was a case of interception of data as hackers were doing this for months
(Informationsecuritybuzz, 2018). In other words to say that the incident of hacking was not been
done overnight. As per Yonathan Klijnsma, one of the threat researcher engaged in the study of
this incident found that just before the hacking event, JavaScript of the website has been
modified. To inject their code to the website, this script has been modified. This was the
moment, where hackers accessed to all the personal data of customers. Later on, the company
confirmed that the app of the same was also not remained secure as the same JavaScript has been
used in the development and operations of the website as well as app.
Question 3
The criminological theory identified here is Social learning theory. This theory explains
socialization and result of the same on the development of individual character. The theory
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
UNDERSTANDING AND PREVENTING CYBER FRAUD
4
believes that people become part of a crime due to their association with other people who are
already engaged in criminal activities. The criminal behavior of people is reinforced and they
start thinking that the performance of crime is in their favor (Beaver, Barnes, & Boutwell, 2014).
Such kinds of criminals have the clinical models that they use in the performance of crime. It
means as per social learning theory, criminal behavior of people is associated with others. These
people think that crime is desirable or is justified in some of the situations and then pursue the
same (Telzer, Van Hoorn, Rogers & Do, 2018). Four principal components of this theory are
there namely, differential association, definitions, differential reinforcement, and imitation. The
very first principles say that association with other people provides different models for criminal
and deviant behavior. It means the same provides norms and attitudes (Cochran, Maskaly, Jones,
& Sellers, 2017).
The second principles say that such attitude and norms motivate breaking law or provide
justification for the conduct of crime. In a summarized way, this is to state that who has believed
supporting deviant behavior are more likely to be engaged in criminal activities. The principle is
differential reinforcement and focuses on consequences. This theory develops that positive
reaction to criminal behavior will crime motivates a similar action in the future. Whereas in a
different side, punishment will reduce the likelihood of such behavior. Lastly, imitation plays a
crucial role in this theory. The principle says that people imitate others when they see admired
others who have been engaged in criminal activities.
There is a deep connection between hacking and social learning theory. The theory
support actions like hacking and motivate imitation of such behaviors. Hackers learn their
behavior from other people of groups and see them successful and happy after such conducts. If
to discuss the subjective theory in the context of chosen case study, this is to state that this theory
4
believes that people become part of a crime due to their association with other people who are
already engaged in criminal activities. The criminal behavior of people is reinforced and they
start thinking that the performance of crime is in their favor (Beaver, Barnes, & Boutwell, 2014).
Such kinds of criminals have the clinical models that they use in the performance of crime. It
means as per social learning theory, criminal behavior of people is associated with others. These
people think that crime is desirable or is justified in some of the situations and then pursue the
same (Telzer, Van Hoorn, Rogers & Do, 2018). Four principal components of this theory are
there namely, differential association, definitions, differential reinforcement, and imitation. The
very first principles say that association with other people provides different models for criminal
and deviant behavior. It means the same provides norms and attitudes (Cochran, Maskaly, Jones,
& Sellers, 2017).
The second principles say that such attitude and norms motivate breaking law or provide
justification for the conduct of crime. In a summarized way, this is to state that who has believed
supporting deviant behavior are more likely to be engaged in criminal activities. The principle is
differential reinforcement and focuses on consequences. This theory develops that positive
reaction to criminal behavior will crime motivates a similar action in the future. Whereas in a
different side, punishment will reduce the likelihood of such behavior. Lastly, imitation plays a
crucial role in this theory. The principle says that people imitate others when they see admired
others who have been engaged in criminal activities.
There is a deep connection between hacking and social learning theory. The theory
support actions like hacking and motivate imitation of such behaviors. Hackers learn their
behavior from other people of groups and see them successful and happy after such conducts. If
to discuss the subjective theory in the context of chosen case study, this is to state that this theory
UNDERSTANDING AND PREVENTING CYBER FRAUD
5
worked as a force behind criminal behavior of hackers engaged in British Airways hacking. As
mentioned above, the hackers identified were assumed to be the one who was active in 2015. It
means they done such activities in the past too. As per the principle of differential association,
they might have learned some new norms and behavior to conduct the crime. For sure, they
might gain certain advantages in the past and therefore found it good to reinforce the similar
behavior in the future too. It becomes a subculture for them; they have learned new hacking
techniques in their similar groups and imitated actions of others. In such a manner, this is not
wrong to state that the criminal behavior of hackers engaged in British Airway case was
motivated through social learning theories.
Question 4
After the above-mentioned discussion, it is far clear that under a social learning theory a
person learns his/her behavior through people around and mimics the same later on (Akers &
Jensen, 2017). By developing some crime prevention strategies, the issue found in the chosen
case study could be addressed. The very first strategy is the development of social learning
prevention program. The program works on the assumption that by controlling and altering the
social learning of a person, he/she can be prevented by learning delinquent behavior. The
cybercrime identified in the case of British Airways is expected to prevent through developing an
environment, which allows positive learning to employees and other organizational personnel.
Such program targets to change the attitude of people about offending. By developing a program
focusing on interpersonal relationship and self-management, the issue of hacking and data breach
could be prevented at British Airways. This strategy can be supported by the development of
5
worked as a force behind criminal behavior of hackers engaged in British Airways hacking. As
mentioned above, the hackers identified were assumed to be the one who was active in 2015. It
means they done such activities in the past too. As per the principle of differential association,
they might have learned some new norms and behavior to conduct the crime. For sure, they
might gain certain advantages in the past and therefore found it good to reinforce the similar
behavior in the future too. It becomes a subculture for them; they have learned new hacking
techniques in their similar groups and imitated actions of others. In such a manner, this is not
wrong to state that the criminal behavior of hackers engaged in British Airway case was
motivated through social learning theories.
Question 4
After the above-mentioned discussion, it is far clear that under a social learning theory a
person learns his/her behavior through people around and mimics the same later on (Akers &
Jensen, 2017). By developing some crime prevention strategies, the issue found in the chosen
case study could be addressed. The very first strategy is the development of social learning
prevention program. The program works on the assumption that by controlling and altering the
social learning of a person, he/she can be prevented by learning delinquent behavior. The
cybercrime identified in the case of British Airways is expected to prevent through developing an
environment, which allows positive learning to employees and other organizational personnel.
Such program targets to change the attitude of people about offending. By developing a program
focusing on interpersonal relationship and self-management, the issue of hacking and data breach
could be prevented at British Airways. This strategy can be supported by the development of
UNDERSTANDING AND PREVENTING CYBER FRAUD
6
policies. From the perspective of this theory, criminal behavior is learned as well as sustained via
association with peer networks and family.
The strategy says that the policymakers must focus on the development and
implementation of rehabilitative and preventive programs, which use social learning variables to
modify the behavior of a person in a positive direction (Children.gov.on.ca, 2019). Such
programs must be developed considering principles of the subjective theory. The lead idea
behind the development of such policies and programs is to provide positive role models to
young people so that they do not get involved in the conduct of crime. In case of British Airways
although the hackers were not employees of the organization yet by developing such programs
they could be restricted or IT employees could be motivated to do more good in their sector and
to provide better security feature to company.
Another strategy that could be applied to British airways case is the development and
implementation of the contemporary prevention program. Most of the programs used to base on
the entire theoretical premise. Contemporary prevention program focuses on risk factors rather
than using the entire program (Nicholson & Higgins, 2017). This strategy also has been used in
the past in different cases where it found successful. The subjective program can be understood
as a strategic process for answering to crime as well as to safety issues. In the case of British
Airways, the lead risk factor was to security issues with the website. It was not secured in a
manner in which the same was required. Hence, by using Contemporary prevention program this
risk factor could be addressed. The company could use better security for its website or could
prevent its networks in other ways. A business is not supposed to reduce the risk unless the same
knows about it. The lead issue was that the risk has not been identified on time and therefore the
hacking incident happened there. If Contemporary prevention program would have been there
6
policies. From the perspective of this theory, criminal behavior is learned as well as sustained via
association with peer networks and family.
The strategy says that the policymakers must focus on the development and
implementation of rehabilitative and preventive programs, which use social learning variables to
modify the behavior of a person in a positive direction (Children.gov.on.ca, 2019). Such
programs must be developed considering principles of the subjective theory. The lead idea
behind the development of such policies and programs is to provide positive role models to
young people so that they do not get involved in the conduct of crime. In case of British Airways
although the hackers were not employees of the organization yet by developing such programs
they could be restricted or IT employees could be motivated to do more good in their sector and
to provide better security feature to company.
Another strategy that could be applied to British airways case is the development and
implementation of the contemporary prevention program. Most of the programs used to base on
the entire theoretical premise. Contemporary prevention program focuses on risk factors rather
than using the entire program (Nicholson & Higgins, 2017). This strategy also has been used in
the past in different cases where it found successful. The subjective program can be understood
as a strategic process for answering to crime as well as to safety issues. In the case of British
Airways, the lead risk factor was to security issues with the website. It was not secured in a
manner in which the same was required. Hence, by using Contemporary prevention program this
risk factor could be addressed. The company could use better security for its website or could
prevent its networks in other ways. A business is not supposed to reduce the risk unless the same
knows about it. The lead issue was that the risk has not been identified on time and therefore the
hacking incident happened there. If Contemporary prevention program would have been there
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
UNDERSTANDING AND PREVENTING CYBER FRAUD
7
then the risk could be identified and address on time. Hence, in this manner, by using these
strategies, cybercrime issue could be prevented at British Airways.
References
Akers, R. L., & Jensen, G. F. (2017). The empirical status of social learning theory of crime and
deviance: The past, present, and future. In Taking stock (pp. 37-76). Routledge.
Beaver, K. M., Barnes, J. C., & Boutwell, B. B. (Eds.). (2014). The nurture versus biosocial
debate in criminology: On the origins of criminal behavior and criminality. SAGE
Publications.
Children.gov.on.ca. (2019). Social Learning Theories7. Retrieved From:
http://www.children.gov.on.ca/htdocs/English/professionals/oyap/roots/volume5/
chapter08_social_learning.aspx
Cochran, J. K., Maskaly, J., Jones, S., & Sellers, C. S. (2017). Using structural equations to
model Akers’ social learning theory with data on intimate partner violence. Crime &
Delinquency, 63(1), 39-60.
Economist.com. (2018). British Airways admits that over 380,000 customers had their data
stolen. Retrieved From: https://www.economist.com/gulliver/2018/09/09/british-airways-
admits-that-over-380000-customers-had-their-data-stolen
Informationsecuritybuzz. (2018). Security Experts Comments – British Airways Data Breach
(second series). Retrieved From: https://www.informationsecuritybuzz.com/expert-
comments/british-airways-data-breach/
7
then the risk could be identified and address on time. Hence, in this manner, by using these
strategies, cybercrime issue could be prevented at British Airways.
References
Akers, R. L., & Jensen, G. F. (2017). The empirical status of social learning theory of crime and
deviance: The past, present, and future. In Taking stock (pp. 37-76). Routledge.
Beaver, K. M., Barnes, J. C., & Boutwell, B. B. (Eds.). (2014). The nurture versus biosocial
debate in criminology: On the origins of criminal behavior and criminality. SAGE
Publications.
Children.gov.on.ca. (2019). Social Learning Theories7. Retrieved From:
http://www.children.gov.on.ca/htdocs/English/professionals/oyap/roots/volume5/
chapter08_social_learning.aspx
Cochran, J. K., Maskaly, J., Jones, S., & Sellers, C. S. (2017). Using structural equations to
model Akers’ social learning theory with data on intimate partner violence. Crime &
Delinquency, 63(1), 39-60.
Economist.com. (2018). British Airways admits that over 380,000 customers had their data
stolen. Retrieved From: https://www.economist.com/gulliver/2018/09/09/british-airways-
admits-that-over-380000-customers-had-their-data-stolen
Informationsecuritybuzz. (2018). Security Experts Comments – British Airways Data Breach
(second series). Retrieved From: https://www.informationsecuritybuzz.com/expert-
comments/british-airways-data-breach/
UNDERSTANDING AND PREVENTING CYBER FRAUD
8
Kazmeyer, M. (2019). Examples of Cyber Crime. Retrieved From:
https://itstillworks.com/examples-cyber-crime-1544.html
Nicholson, J., & Higgins, G. E. (2017). Social structure social learning theory: Preventing crime
and violence. In Preventing crime and violence (pp. 11-20). Springer, Cham.
Sandle, P. (2019). British Airways faces record 183.4 million pounds fine over data theft.
Retrieved From: https://uk.reuters.com/article/uk-iag-cybercrime-ico/british-airways-
faces-record-183-4-million-pounds-fine-over-data-theft-idUKKCN1U30IR
Telzer, E. H., Van Hoorn, J., Rogers, C. R., & Do, K. T. (2018). Social influence on positive
youth development: A developmental neuroscience perspective. In Advances in child
development and behavior (Vol. 54, pp. 215-258). JAI.
8
Kazmeyer, M. (2019). Examples of Cyber Crime. Retrieved From:
https://itstillworks.com/examples-cyber-crime-1544.html
Nicholson, J., & Higgins, G. E. (2017). Social structure social learning theory: Preventing crime
and violence. In Preventing crime and violence (pp. 11-20). Springer, Cham.
Sandle, P. (2019). British Airways faces record 183.4 million pounds fine over data theft.
Retrieved From: https://uk.reuters.com/article/uk-iag-cybercrime-ico/british-airways-
faces-record-183-4-million-pounds-fine-over-data-theft-idUKKCN1U30IR
Telzer, E. H., Van Hoorn, J., Rogers, C. R., & Do, K. T. (2018). Social influence on positive
youth development: A developmental neuroscience perspective. In Advances in child
development and behavior (Vol. 54, pp. 215-258). JAI.
1 out of 9
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.