British Airways Data Breach: A Criminological Case Study Analysis
VerifiedAdded on 2022/12/19
|8
|2084
|88
Case Study
AI Summary
This case study analyzes the 2018 British Airways hacking incident, where cybercriminals stole personal and financial data of over 380,000 customers. The analysis identifies key features such as the targeting of financial data and the impact of the Magecart attack, a form of cyber fraud. The study applies the General Strain Theory to understand the motivations behind the crime, highlighting the role of negative emotionality and social factors. Furthermore, the assignment proposes crime prevention strategies based on the criminological theory, emphasizing the importance of social engagement, effective access control, and mitigation of organizational vulnerabilities to prevent future cyberattacks and protect customer data. The analysis also provides a detailed bibliography of relevant sources to support the arguments.
Running head: CASE STUDY ANALYSIS ON HACKING- BRITISH AIRWAYS
CASE STUDY ANALYSIS
ON
HACKING- BRITISH AIRWAYS
Name of the Student
Name of the University
Author Note:
CASE STUDY ANALYSIS
ON
HACKING- BRITISH AIRWAYS
Name of the Student
Name of the University
Author Note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1Hacking- British Airways
Question 1: Describe the key features of the case study you have chosen.
Answer:
After analyzing the case study based on the British Airway Hacking -2018 it has been
noticed that this case is about the cyber-attack which has targeted the British Airway
followed by which cyber criminals has stolen the important data of more than 380,000
customers. Those hacked data includes the personal as well as the financial data of the airway
customers which has significantly impacted the services, reputations as well as privacy of the
customers. Hence, followed by the investigation on the nominated case study several key
features has been identified. Those identified features are listed below:
This case has a significance of cyber security which affects the services and the
privacy concerns of a service industry.
Followed by this it has been noticed that the attacker has specifically targeted that
financial aspects of the customers.
Along with that it has been also observed that in this case scenario there is a major
significance present related to the data breach which holds a significant impact on the
customer privacy.
Apart from the above key findings it has been also noticed that there is a significant
impact less effective security management operation of British Airway.
Along with that effectiveness of the mitigation approaches are also very significant in
this case scenario.
Question 2: What types of cyber fraud that has perpetrated in the case study?
Answer:
After investigating the nominated case study it has been noticed that there is a
significant impact of the cyber-attack termed as the Magecart which is a java based
Question 1: Describe the key features of the case study you have chosen.
Answer:
After analyzing the case study based on the British Airway Hacking -2018 it has been
noticed that this case is about the cyber-attack which has targeted the British Airway
followed by which cyber criminals has stolen the important data of more than 380,000
customers. Those hacked data includes the personal as well as the financial data of the airway
customers which has significantly impacted the services, reputations as well as privacy of the
customers. Hence, followed by the investigation on the nominated case study several key
features has been identified. Those identified features are listed below:
This case has a significance of cyber security which affects the services and the
privacy concerns of a service industry.
Followed by this it has been noticed that the attacker has specifically targeted that
financial aspects of the customers.
Along with that it has been also observed that in this case scenario there is a major
significance present related to the data breach which holds a significant impact on the
customer privacy.
Apart from the above key findings it has been also noticed that there is a significant
impact less effective security management operation of British Airway.
Along with that effectiveness of the mitigation approaches are also very significant in
this case scenario.
Question 2: What types of cyber fraud that has perpetrated in the case study?
Answer:
After investigating the nominated case study it has been noticed that there is a
significant impact of the cyber-attack termed as the Magecart which is a java based
2Hacking- British Airways
application in order to hack the information of an organization. There is a significant
application of this attack as it is highly efficient to target and get the access of customer’s
data related to the payment details. Followed by this aspect it has been noticed that the British
Airway was affected by a malicious attack due to which the personal information as well as
the financial data has been hacked. Followed by this it has been identified that it was a
harmful attack of Magacart which has targeted the customer data between the time periods of
21 august 2018 to 5 September 2018. While investigating the impact of Magecart it has been
observed that this attack is also termed as the supply chain attack which follows the pattern to
compromise the software of the third-party utilizing a VAR system or by any integrator.
Considering this aspect it has been also noticed that this attack has taken place in order to get
access of the payment details of the customers by the skimmer code of Magecart.
While considering the case scenario it has been noticed that this application works by
substituting the java script code to a website in order to host the malware or the injection in
the network server. Following by this it has been noticed that in the case of British Airway
hacking the Magecart attacker has effective targeted the specific payment system rather than
effecting the entire server. Hence, from this analysis it can be stated that the primary
objective behind this attack was to gather the financial information.
Followed by this aspect it has been noticed that Magecart is a type of Cross-site-
scripting attack which can be also termed as the digital skimmer which exploits the payment
system of the targeted organization.
Question 3: Chose ONE criminological theory discussed in the course and use it to
analyze the chosen case study.
Answer:
application in order to hack the information of an organization. There is a significant
application of this attack as it is highly efficient to target and get the access of customer’s
data related to the payment details. Followed by this aspect it has been noticed that the British
Airway was affected by a malicious attack due to which the personal information as well as
the financial data has been hacked. Followed by this it has been identified that it was a
harmful attack of Magacart which has targeted the customer data between the time periods of
21 august 2018 to 5 September 2018. While investigating the impact of Magecart it has been
observed that this attack is also termed as the supply chain attack which follows the pattern to
compromise the software of the third-party utilizing a VAR system or by any integrator.
Considering this aspect it has been also noticed that this attack has taken place in order to get
access of the payment details of the customers by the skimmer code of Magecart.
While considering the case scenario it has been noticed that this application works by
substituting the java script code to a website in order to host the malware or the injection in
the network server. Following by this it has been noticed that in the case of British Airway
hacking the Magecart attacker has effective targeted the specific payment system rather than
effecting the entire server. Hence, from this analysis it can be stated that the primary
objective behind this attack was to gather the financial information.
Followed by this aspect it has been noticed that Magecart is a type of Cross-site-
scripting attack which can be also termed as the digital skimmer which exploits the payment
system of the targeted organization.
Question 3: Chose ONE criminological theory discussed in the course and use it to
analyze the chosen case study.
Answer:
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3Hacking- British Airways
After analyzing the nominated case study it has been noticed that there is a significant
application of cyber-crime which holds a significant impact on the services on the
organization or on the individuals. Considering the above aspects there is a huge impact of
criminology theory which has effectively specifies the objectives, intentions as well as the
background of this crime. Followed by this discussion five significant criminological theory
has been identified which includes the low self-control theory, Social learning theory, general
strain theory, frustration aggression hypothesis theory as well as the routine activity theory,
each of these identified theories as explained the aspect crime in broad way. Hence, after
analyzing the nominated case scenario with respect to the General Strain Theory it has been
noticed that there is a huge impact of environmental as well as mental conditions behind the
identified cyber-attack. The General Strain Theory (GST) consists of 4 characteristics which
enforces the criminal intention. Those characteristics includes the aspect of failure to achieve
the goals which has positive values, conflicts between the achievements and expectation, less
impact of positive stimuli as well as enhancement of negative mind stimulation (Lanier
2018).
While considering the nominated criminology theory it has been observed that there is
significant impact of negative emotionality behind this attack. Followed by this getting
obsessed for the expected results of their movement significantly impacts the criminal
intention in an individual’s mind. Along with the above aspects while investigating the
mentioned case scenario according to the general strain theory it is mentioned that there is a
huge impact of inefficient social communication skill which restrict the individuals from
interacting with the other individuals which enhances the criminal intention. Apart from that
there is a huge impact on negative emotionality in the criminal activities as due to this an
individual gets concern of how they will earn money or how they will survive in this world
without being popular. Hence, as a result of this concern the criminal intention within an
After analyzing the nominated case study it has been noticed that there is a significant
application of cyber-crime which holds a significant impact on the services on the
organization or on the individuals. Considering the above aspects there is a huge impact of
criminology theory which has effectively specifies the objectives, intentions as well as the
background of this crime. Followed by this discussion five significant criminological theory
has been identified which includes the low self-control theory, Social learning theory, general
strain theory, frustration aggression hypothesis theory as well as the routine activity theory,
each of these identified theories as explained the aspect crime in broad way. Hence, after
analyzing the nominated case scenario with respect to the General Strain Theory it has been
noticed that there is a huge impact of environmental as well as mental conditions behind the
identified cyber-attack. The General Strain Theory (GST) consists of 4 characteristics which
enforces the criminal intention. Those characteristics includes the aspect of failure to achieve
the goals which has positive values, conflicts between the achievements and expectation, less
impact of positive stimuli as well as enhancement of negative mind stimulation (Lanier
2018).
While considering the nominated criminology theory it has been observed that there is
significant impact of negative emotionality behind this attack. Followed by this getting
obsessed for the expected results of their movement significantly impacts the criminal
intention in an individual’s mind. Along with the above aspects while investigating the
mentioned case scenario according to the general strain theory it is mentioned that there is a
huge impact of inefficient social communication skill which restrict the individuals from
interacting with the other individuals which enhances the criminal intention. Apart from that
there is a huge impact on negative emotionality in the criminal activities as due to this an
individual gets concern of how they will earn money or how they will survive in this world
without being popular. Hence, as a result of this concern the criminal intention within an
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4Hacking- British Airways
individual gets invoked and the person then intended to do such activities which will give the
money as well as satisfaction no matter whatever the task is and whatever, impact of that
activity on the population. Followed by this aspect the positive mind stimulation decreases
due to which an person losses the self-confidence as well as losses trust on the others which
lead the person to do such unethical activities no matter how it is affecting an individual or
population (Whitaker 2018).
After analyzing the mentioned case scenario with respect to the selected criminology
theory it has been noticed that since, the attacker has targeted the financial aspect of the
customers in order to gain money it is visible that the attacker must have significant problems
with the money aspects or the attacker may consist a social anxiety due to which they have
decided to earn money using an ethical way. Hence, after the investigation it can be stated
that according to the characteristics of general strain theory there is a huge impact of negative
emotionality and negative influence.
Question 4: Based on the criminological theory identify at least 2 crime prevention
strategies that could have been used to prevent or disrupt the cyber fraud identified in
the case study.
Answer:
According to the general strain theory there are four characteristics that lead a person
towards crime. The four characteristics have been mentioned above and the case study of
British Airways can be explained according to these characteristics. The British Airways
suffered a loss of data and volumes of information related to almost 380,000 customer cards
were stolen. In this scenario the general strain theory can be applied as the mentality of the
hackers involved depends on some or other strain they have been experiencing in their lives.
Here in this particular case the strains can be associated with low level of social control as
individual gets invoked and the person then intended to do such activities which will give the
money as well as satisfaction no matter whatever the task is and whatever, impact of that
activity on the population. Followed by this aspect the positive mind stimulation decreases
due to which an person losses the self-confidence as well as losses trust on the others which
lead the person to do such unethical activities no matter how it is affecting an individual or
population (Whitaker 2018).
After analyzing the mentioned case scenario with respect to the selected criminology
theory it has been noticed that since, the attacker has targeted the financial aspect of the
customers in order to gain money it is visible that the attacker must have significant problems
with the money aspects or the attacker may consist a social anxiety due to which they have
decided to earn money using an ethical way. Hence, after the investigation it can be stated
that according to the characteristics of general strain theory there is a huge impact of negative
emotionality and negative influence.
Question 4: Based on the criminological theory identify at least 2 crime prevention
strategies that could have been used to prevent or disrupt the cyber fraud identified in
the case study.
Answer:
According to the general strain theory there are four characteristics that lead a person
towards crime. The four characteristics have been mentioned above and the case study of
British Airways can be explained according to these characteristics. The British Airways
suffered a loss of data and volumes of information related to almost 380,000 customer cards
were stolen. In this scenario the general strain theory can be applied as the mentality of the
hackers involved depends on some or other strain they have been experiencing in their lives.
Here in this particular case the strains can be associated with low level of social control as
5Hacking- British Airways
well as source of income that made the persons involved in the hacking to commit such a
crime. The data breach was said to be the part of global credit-skimming campaign that was
conducted by Magecart group. Followed by the above discussion a detail investigation on the
criminological theory is mentioned above however, it is highly important to mitigate the
influencing factor which holds a significant impact on the criminal activities (Lee & Sanchez
2018). Hence, a detail explanation related to the mitigation approach is mentioned below
which holds the capability to reduce the identified risk factors:
According to the identified criminological theory it has been noticed that there are several
impactful characteristics present related which influences an individual’s mind towards the
criminal activities. Hence, several mitigation approach has been identified which holds a
significant impact in mitigating the criminal influence such as it is very important for a
person to be socially active as well as the person needs to communicate with the other
persons due to which the individual will be able to observe the activities and emotions
which reduces the chances of getting negatively influenced. Since, it is mentioned in the
theory that there is huge significance of negative influence on these types of attacks which
causes the damage like British Airway Magecart attack. Thus, it can be stated that in order
to mitigate these types of activities and protect the public and organizational property it is
very important to reduce the organizational vulnerabilities and keeping the organizational
assets and data safe is also holds a significant impact on preventing the criminal activities
(Taylor et al., 2019).
Along with the above identified mitigation approach it is also important to enable
effective access control process within the organization which enables the organization or
an individual to protect their important data from the hackers. Hence, followed by the
analysis of the mentioned case scenario it has been noticed that due to less effective
security and data access control devices the organization gets affected by the external
well as source of income that made the persons involved in the hacking to commit such a
crime. The data breach was said to be the part of global credit-skimming campaign that was
conducted by Magecart group. Followed by the above discussion a detail investigation on the
criminological theory is mentioned above however, it is highly important to mitigate the
influencing factor which holds a significant impact on the criminal activities (Lee & Sanchez
2018). Hence, a detail explanation related to the mitigation approach is mentioned below
which holds the capability to reduce the identified risk factors:
According to the identified criminological theory it has been noticed that there are several
impactful characteristics present related which influences an individual’s mind towards the
criminal activities. Hence, several mitigation approach has been identified which holds a
significant impact in mitigating the criminal influence such as it is very important for a
person to be socially active as well as the person needs to communicate with the other
persons due to which the individual will be able to observe the activities and emotions
which reduces the chances of getting negatively influenced. Since, it is mentioned in the
theory that there is huge significance of negative influence on these types of attacks which
causes the damage like British Airway Magecart attack. Thus, it can be stated that in order
to mitigate these types of activities and protect the public and organizational property it is
very important to reduce the organizational vulnerabilities and keeping the organizational
assets and data safe is also holds a significant impact on preventing the criminal activities
(Taylor et al., 2019).
Along with the above identified mitigation approach it is also important to enable
effective access control process within the organization which enables the organization or
an individual to protect their important data from the hackers. Hence, followed by the
analysis of the mentioned case scenario it has been noticed that due to less effective
security and data access control devices the organization gets affected by the external
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6Hacking- British Airways
threats such as Magecart. Thus, it is highly important to reduce the identified
vulnerabilities in order to control the crime with respect to the discussed aspect which will
significantly reduce the possibilities of getting hacked by the attacker as well as it will also
enhance the security of the organization which holds a major impact on the organisational
services as well as on its customers privacy.
Bibliography:
threats such as Magecart. Thus, it is highly important to reduce the identified
vulnerabilities in order to control the crime with respect to the discussed aspect which will
significantly reduce the possibilities of getting hacked by the attacker as well as it will also
enhance the security of the organization which holds a major impact on the organisational
services as well as on its customers privacy.
Bibliography:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7Hacking- British Airways
Chatterjee, S., Gao, X., Sarkar, S., & Uzmanoglu, C. (2019). Reacting to the scope of a data
breach: The differential role of fear and anger. Journal of Business Research, 101,
183-193.
Diamanti, G. F., Hatanaka, I., Kenna, S. J., & Marzorati, M. (2019). U.S. Patent Application
No. 10/178,508.
Hay, C., & Ray, K. (2019). General Strain Theory and Cybercrime. The Palgrave Handbook
of International Cybercrime and Cyberdeviance, 1-19.
Jahankhani, H. (Ed.). (2018). Cyber Criminology. Springer.
Janakiraman, R., Lim, J. H., & Rishika, R. (2018). The effect of a data breach announcement
on customer behavior: Evidence from a multichannel retailer. Journal of
Marketing, 82(2), 85-105.
Reference:
Lanier, M. M. (2018). Essential criminology. Routledge.
Lee, G., & Sanchez, M. (2018). Cyber Bullying Behaviors, Anonymity, and General Strain
Theory: A Study of Undergraduate Students at a South Eastern University in the
United States. International Journal of Cyber Criminology.
Taylor, R. W., Fritsch, E. J., Liederbach, J., Saylor, M. R., & Tafoya, W. L. (2019). Cyber
Crime and Cyber Terrorism.
Whitaker, T. (2018). The BA Data Breach. Int'l J. Data Protection Officer, Privacy Officer &
Privacy Couns., 2, 15.
Chatterjee, S., Gao, X., Sarkar, S., & Uzmanoglu, C. (2019). Reacting to the scope of a data
breach: The differential role of fear and anger. Journal of Business Research, 101,
183-193.
Diamanti, G. F., Hatanaka, I., Kenna, S. J., & Marzorati, M. (2019). U.S. Patent Application
No. 10/178,508.
Hay, C., & Ray, K. (2019). General Strain Theory and Cybercrime. The Palgrave Handbook
of International Cybercrime and Cyberdeviance, 1-19.
Jahankhani, H. (Ed.). (2018). Cyber Criminology. Springer.
Janakiraman, R., Lim, J. H., & Rishika, R. (2018). The effect of a data breach announcement
on customer behavior: Evidence from a multichannel retailer. Journal of
Marketing, 82(2), 85-105.
Reference:
Lanier, M. M. (2018). Essential criminology. Routledge.
Lee, G., & Sanchez, M. (2018). Cyber Bullying Behaviors, Anonymity, and General Strain
Theory: A Study of Undergraduate Students at a South Eastern University in the
United States. International Journal of Cyber Criminology.
Taylor, R. W., Fritsch, E. J., Liederbach, J., Saylor, M. R., & Tafoya, W. L. (2019). Cyber
Crime and Cyber Terrorism.
Whitaker, T. (2018). The BA Data Breach. Int'l J. Data Protection Officer, Privacy Officer &
Privacy Couns., 2, 15.
1 out of 8
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.