Cybercrime Law MIT-607: Research and Discussion on Recent Cases
VerifiedAdded on 2023/06/04
|42
|11271
|487
Project
AI Summary
This project focuses on cybercrime, presenting two case studies: a data breach at UniCredit bank and a cyber-attack on British Airways. The UniCredit case involved hackers stealing data from 400,000 bank accounts, highlighting vulnerabilities in IT systems and the importance of data lifecycle management. The British Airways case details the theft of customer credit card information, emphasizing the potential financial penalties for failing to secure customer data under GDPR. The project also discusses the increasing sophistication of cybercrimes and the need for robust security measures, including specialized security teams, employee training, and vigilant monitoring of data access. The research concludes that negligence in security practices is a common factor in cybercrime incidents and stresses the importance of proactive measures to prevent future attacks. Desklib offers resources to help students study such solved assignments and past papers.
qwertyuiopasdfghjklzxcvbnmqwe
rtyuiopasdfghjklzxcvbnmqwertyu
iopasdfghjklzxcvbnmqwertyuiopa
sdfghjklzxcvbnmqwertyuiopasdfg
hjklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxcv
bnmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqwe
rtyuiopasdfghjklzxcvbnmqwertyu
iopasdfghjklzxcvbnmqwertyuiopa
sdfghjklzxcvbnmqwertyuiopasdfg
hjklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxcv
Cybercrime-Research and Discussion
Research and Discussion on recent Cybercrimes
rtyuiopasdfghjklzxcvbnmqwertyu
iopasdfghjklzxcvbnmqwertyuiopa
sdfghjklzxcvbnmqwertyuiopasdfg
hjklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxcv
bnmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqwe
rtyuiopasdfghjklzxcvbnmqwertyu
iopasdfghjklzxcvbnmqwertyuiopa
sdfghjklzxcvbnmqwertyuiopasdfg
hjklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxcv
Cybercrime-Research and Discussion
Research and Discussion on recent Cybercrimes
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cybercrime-Research and Discussion
Crime-Case 1
Hackers Breach 400,000 UniCredit Bank Accounts for Data
Last year, around mid-year, during last week of July, UniCredit, which is one of the Italy’s
famous and reputed banks, was reported to be the victim of a major cyber-attack that cost the
bank theft of data for approximately 400 thousand bank customers. The information related to
biographical data and loans had been stolen from the banking security of 400 thousand clients.
The intruders hacked the system and started the process of stealing data around mid-June and
carried out the process till next month until it was finally discovered by the end week of the
month of July.
A statement was issued by the CEO of the Advantage Financial, Francesco Confuorti, “An
Italian bank has been attacked for the first time in history and no stones will be left unturned to
prevent the loss of confidence. Banks will review their IT Systems from scratch and make all
necessary amendments”
An outside company, employed by the bank helped Hackers to compromise UniCredit
customer’s accounts. Several anomalies were found by the IT department during conduct of
checks which reported that few members from the external company partners are accessing
personal data of bank’s customers. The reason that the act was not caught for long duration of
more than a month is the huge amount of data associated and a difficult IT landscape.
After the attack was discovered, it was immediately blocked by UniCredit, all breaches were
sealed and systems were upgraded. It has been reported that UniCredit invested more than 3
billion euros on strengthening and upgrading of its IT systems against all kind of possible threats.
1
Crime-Case 1
Hackers Breach 400,000 UniCredit Bank Accounts for Data
Last year, around mid-year, during last week of July, UniCredit, which is one of the Italy’s
famous and reputed banks, was reported to be the victim of a major cyber-attack that cost the
bank theft of data for approximately 400 thousand bank customers. The information related to
biographical data and loans had been stolen from the banking security of 400 thousand clients.
The intruders hacked the system and started the process of stealing data around mid-June and
carried out the process till next month until it was finally discovered by the end week of the
month of July.
A statement was issued by the CEO of the Advantage Financial, Francesco Confuorti, “An
Italian bank has been attacked for the first time in history and no stones will be left unturned to
prevent the loss of confidence. Banks will review their IT Systems from scratch and make all
necessary amendments”
An outside company, employed by the bank helped Hackers to compromise UniCredit
customer’s accounts. Several anomalies were found by the IT department during conduct of
checks which reported that few members from the external company partners are accessing
personal data of bank’s customers. The reason that the act was not caught for long duration of
more than a month is the huge amount of data associated and a difficult IT landscape.
After the attack was discovered, it was immediately blocked by UniCredit, all breaches were
sealed and systems were upgraded. It has been reported that UniCredit invested more than 3
billion euros on strengthening and upgrading of its IT systems against all kind of possible threats.
1
Cybercrime-Research and Discussion
An audit has already been started by the company and UniCredit is planning to file complain
against the external business partner. Every possible step is being undertaken to strengthen and
upgrade the digital infrastructure and IT systems while maintaining a track of adjustment
requirements.
An emergency response team was created by Central bank and Italian Bank’s Association to
check the situation and to reinforce economic cyber security. The team is also working to prepare
against every possible malware attack which might hit in future. The major point of discussion is
to secure the customer’s data stored in the database from all kind of cyber-crimes as hackers may
damage it completely and make it un-usable that will corrupt all information regarding
customer’s money data.
The other measures taken by the bank to deal with the cybercrime is by charting own bank data
life cycle. The bank is keeping a watch on data’s life cycle i.e. how the data is being collected,
how the data is stored and finally how it is accessed and additional protection on the data which
is more sensitive than others. Providing a vigilant access to the data which has to accessed on
regular basis and a more secure and limited access memory location for the data that need not be
accessed on regular basis, also a secure disposition of data, which is no longer usable.
Monthly basis security check preformation has also been planned. To apply this data risk
security advisor who has experience in cyber-crimes has been appointed. It is expected that data
risk security advisor will help in discovering weak areas and timely measured could be taken for
that. It is responsibility of the management team to make sure that all the recommendations have
been carried out and progress has been made. Technology and security are different things and
often the mistake of hiring one single team to perform both tasks results in disasters. It is
2
An audit has already been started by the company and UniCredit is planning to file complain
against the external business partner. Every possible step is being undertaken to strengthen and
upgrade the digital infrastructure and IT systems while maintaining a track of adjustment
requirements.
An emergency response team was created by Central bank and Italian Bank’s Association to
check the situation and to reinforce economic cyber security. The team is also working to prepare
against every possible malware attack which might hit in future. The major point of discussion is
to secure the customer’s data stored in the database from all kind of cyber-crimes as hackers may
damage it completely and make it un-usable that will corrupt all information regarding
customer’s money data.
The other measures taken by the bank to deal with the cybercrime is by charting own bank data
life cycle. The bank is keeping a watch on data’s life cycle i.e. how the data is being collected,
how the data is stored and finally how it is accessed and additional protection on the data which
is more sensitive than others. Providing a vigilant access to the data which has to accessed on
regular basis and a more secure and limited access memory location for the data that need not be
accessed on regular basis, also a secure disposition of data, which is no longer usable.
Monthly basis security check preformation has also been planned. To apply this data risk
security advisor who has experience in cyber-crimes has been appointed. It is expected that data
risk security advisor will help in discovering weak areas and timely measured could be taken for
that. It is responsibility of the management team to make sure that all the recommendations have
been carried out and progress has been made. Technology and security are different things and
often the mistake of hiring one single team to perform both tasks results in disasters. It is
2
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Cybercrime-Research and Discussion
generally not advisable to have one team to perform both duties i.e. to handle technology data
and to secure this data. An information security officer has been appointed by the UniCredit for
this purpose whose job is to report to the administrators to endure visibility and momentum.
Each representative of the association must be instructed on the purposes of introduction to
dangers and the methods on protecting any upcoming threat and if any staff members notices any
kind of anomaly than it must be reported immediately to the concerned person. Month to month
updates must be the obligation of ISO with the goal that it turns into a daily practice for
representatives to be alarm. Introduction to internet based life inside the banks must be
exceptionally restricted or be totally prematurely ended as dangers are bound to oversharing via
web-based networking media, for instance if an architect posts about her involvement with
particular switches, firewalls and OS, she is unwittingly mapping the system for potential
aggressor.
Passwords related to business transactions must be changed a few times in a year and it ought to
be a decent mix of capitals, letters, lowercase and numbers. Gatecrashers, like every single other
seeker will have a go at assaulting its weakest prey. All the security forms must be strong to the
point that programmers need to search for some other casualty.
Introduction and Thesis
Most of the cybercrimes that has been discussed in this report are related to banks which clearly
show that fraudsters are making attempts to transfer money directly from the accounts. The
common reason that the attack occurred in first place, in all the cases seems to be the negligence,
the negligence for taking proper security measures and tightening them whenever necessary, the
3
generally not advisable to have one team to perform both duties i.e. to handle technology data
and to secure this data. An information security officer has been appointed by the UniCredit for
this purpose whose job is to report to the administrators to endure visibility and momentum.
Each representative of the association must be instructed on the purposes of introduction to
dangers and the methods on protecting any upcoming threat and if any staff members notices any
kind of anomaly than it must be reported immediately to the concerned person. Month to month
updates must be the obligation of ISO with the goal that it turns into a daily practice for
representatives to be alarm. Introduction to internet based life inside the banks must be
exceptionally restricted or be totally prematurely ended as dangers are bound to oversharing via
web-based networking media, for instance if an architect posts about her involvement with
particular switches, firewalls and OS, she is unwittingly mapping the system for potential
aggressor.
Passwords related to business transactions must be changed a few times in a year and it ought to
be a decent mix of capitals, letters, lowercase and numbers. Gatecrashers, like every single other
seeker will have a go at assaulting its weakest prey. All the security forms must be strong to the
point that programmers need to search for some other casualty.
Introduction and Thesis
Most of the cybercrimes that has been discussed in this report are related to banks which clearly
show that fraudsters are making attempts to transfer money directly from the accounts. The
common reason that the attack occurred in first place, in all the cases seems to be the negligence,
the negligence for taking proper security measures and tightening them whenever necessary, the
3
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cybercrime-Research and Discussion
negligence for properly addressing the breaches or application of special authentication services
which could help in preventing the fraud in first place.
2018 shows no sign that cybercrimes are going to slow down in times ahead. To prevent and
handle this new crime agency is emerging who is working on inexpensive tools and capability of
immense benefits promoted through detailed hacking outrages inside the media. Over this,
hacking instruments and methods are expanding in modernity and availability. These
consolidated variables have prompted a blasting digital crime economy. For example, ransom
ware alone was a US$1 billion (£740 million) industry a year ago.
In the upcoming years we can realize more crypto jacking activity. Its rapidly increasing value is
the cause for its rising popularity. In year 2017, just in a day, Connections that were blocked by
Malware bytes rose to 11 million and still increasing.
Strikingly, crypto-mining has obscured the lines between regular web clients and digital
lawbreakers. It's presently conceivable that individual mining cryptographic money is doing as
such for their very own monetary profit, focusing on guests to their very own web properties.
This standard could prompt a mass appropriation of crypto-mining as a genuine type of online
income creation, and could even wind up supplanting promoting now and again.
Nonetheless, the biggest segment of crypto-jacking is probably going to happen from authentic
sites bargained to mine money to extend a criminal's pockets. While digital lawbreakers are
expanding in modernity, sluggishness will unquestionably factor into choosing their identity
going to target. Eventually, digital crooks will keep on focusing on the most straightforward
endpoints to enter.
4
negligence for properly addressing the breaches or application of special authentication services
which could help in preventing the fraud in first place.
2018 shows no sign that cybercrimes are going to slow down in times ahead. To prevent and
handle this new crime agency is emerging who is working on inexpensive tools and capability of
immense benefits promoted through detailed hacking outrages inside the media. Over this,
hacking instruments and methods are expanding in modernity and availability. These
consolidated variables have prompted a blasting digital crime economy. For example, ransom
ware alone was a US$1 billion (£740 million) industry a year ago.
In the upcoming years we can realize more crypto jacking activity. Its rapidly increasing value is
the cause for its rising popularity. In year 2017, just in a day, Connections that were blocked by
Malware bytes rose to 11 million and still increasing.
Strikingly, crypto-mining has obscured the lines between regular web clients and digital
lawbreakers. It's presently conceivable that individual mining cryptographic money is doing as
such for their very own monetary profit, focusing on guests to their very own web properties.
This standard could prompt a mass appropriation of crypto-mining as a genuine type of online
income creation, and could even wind up supplanting promoting now and again.
Nonetheless, the biggest segment of crypto-jacking is probably going to happen from authentic
sites bargained to mine money to extend a criminal's pockets. While digital lawbreakers are
expanding in modernity, sluggishness will unquestionably factor into choosing their identity
going to target. Eventually, digital crooks will keep on focusing on the most straightforward
endpoints to enter.
4
Cybercrime-Research and Discussion
Because of an absence of subsidizing, instructive establishments' IT frameworks are regularly
under-secured and they frequently come up short on the assets to shield themselves if an assault
were to happen. To a digital criminal that is the meaning of an obvious objective.
References
Edward, R., & Sirletti, S. (2017, July). Hackers Breach 400,000 UniCredit Bank Accounts for
Data. Bloomberg. Retrieved from https://www.bloomberg.com/news/articles.
Kerner, S. (2017, Feb 7). Sentry MBA Uses Credential Stuffing To Hack Sites. p. 8.
Coffman, H. (2017). The 414 Gang Strikes Again. Time. p. 75.
Nathan, J. (2017). At Microsoft, Interlopers Sound Off on Security. The New York Times
Retrieved from http://www.timesonline.co.uk.
Ramon, Y., & Ray, H. (2017). The Growing Hacking Threat to Websites: An Ongoing
Commitment to Web Application Security. The Journal of the Frost & Sullivan. 13(3-4),
147-148
Yagoda, K. (2017). The Hacker Crackdown. McLean, Virginia. IndyPublish.com. p. 61.
5
Because of an absence of subsidizing, instructive establishments' IT frameworks are regularly
under-secured and they frequently come up short on the assets to shield themselves if an assault
were to happen. To a digital criminal that is the meaning of an obvious objective.
References
Edward, R., & Sirletti, S. (2017, July). Hackers Breach 400,000 UniCredit Bank Accounts for
Data. Bloomberg. Retrieved from https://www.bloomberg.com/news/articles.
Kerner, S. (2017, Feb 7). Sentry MBA Uses Credential Stuffing To Hack Sites. p. 8.
Coffman, H. (2017). The 414 Gang Strikes Again. Time. p. 75.
Nathan, J. (2017). At Microsoft, Interlopers Sound Off on Security. The New York Times
Retrieved from http://www.timesonline.co.uk.
Ramon, Y., & Ray, H. (2017). The Growing Hacking Threat to Websites: An Ongoing
Commitment to Web Application Security. The Journal of the Frost & Sullivan. 13(3-4),
147-148
Yagoda, K. (2017). The Hacker Crackdown. McLean, Virginia. IndyPublish.com. p. 61.
5
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Cybercrime-Research and Discussion
Crime-Case 2
Data Breach of British Airways Customers in a Massive Cyber-attack
In the month of September, this year, British Airways became a victim to a massive cyber-attack
that compromised the personal data of approximately 3, 80,000 customers related to credit card
details. It has been confirmed by the authorized officials that hackers had stolen sufficient details
which can be used to make a fraudulent payment such as: Expiry Dates, Credit Card Numbers,
Names and CVV code. The victim customers were the one who booked the flight using BA
(British Airways) app between August 21 and September 5.
The breach was noticed by the third party whose name has not been disclosed by the BA but it
believed to be some other airline company who has been victim to same kind of hacking. In a
statement given by the spokesperson of BA it has been said that breach has been sealed and issue
is now closed and a thorough investigation is going on as a matter of urgency.
The total number of customers affected by the security breach has been reported to be around 3,
80,000. The bookings which were made outside the 15 day timeframe have reported to be
unaffected. Only the bookings that were made directly using BA website or app were affected.
Any bookings made with the help of travel agents remained unaffected. Also, passengers who
booked their BA flights using other third party websites such as Iberia, American Airlines or Aer
Lingus were not affected by the breach.
With the information stolen, frauds can range for a number of options such as making online
purchases to data selling to criminals who can in turn clone the cards and use it for future use
under the name of original owner. The British Airline stressed on the part that any theft of
6
Crime-Case 2
Data Breach of British Airways Customers in a Massive Cyber-attack
In the month of September, this year, British Airways became a victim to a massive cyber-attack
that compromised the personal data of approximately 3, 80,000 customers related to credit card
details. It has been confirmed by the authorized officials that hackers had stolen sufficient details
which can be used to make a fraudulent payment such as: Expiry Dates, Credit Card Numbers,
Names and CVV code. The victim customers were the one who booked the flight using BA
(British Airways) app between August 21 and September 5.
The breach was noticed by the third party whose name has not been disclosed by the BA but it
believed to be some other airline company who has been victim to same kind of hacking. In a
statement given by the spokesperson of BA it has been said that breach has been sealed and issue
is now closed and a thorough investigation is going on as a matter of urgency.
The total number of customers affected by the security breach has been reported to be around 3,
80,000. The bookings which were made outside the 15 day timeframe have reported to be
unaffected. Only the bookings that were made directly using BA website or app were affected.
Any bookings made with the help of travel agents remained unaffected. Also, passengers who
booked their BA flights using other third party websites such as Iberia, American Airlines or Aer
Lingus were not affected by the breach.
With the information stolen, frauds can range for a number of options such as making online
purchases to data selling to criminals who can in turn clone the cards and use it for future use
under the name of original owner. The British Airline stressed on the part that any theft of
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cybercrime-Research and Discussion
passport details of the customers has not been reported which means that no connectivity has
been found related to customer’s planned dates away from home and its name and address.
The nature and pattern of the fraud stresses on the idea that it all happened during final stage of
making payment while booking a flight using BA app. Though, bank does not want to
investigate the nature or pattern of fraud, it is more interested in checking what kind of details
has been stolen.
Stephanie Jowers, is one of the customers, who booked the flight within hacking timeframe, and
became victim as her card was charged with a heavy amount and she did not had any idea till
then that her card has been compromised. When she contacted BA, she was informed that
amount will be refunded within 3-4 days and none other explanation was given to her. Later she
got the news of hacking through social media. Mr. Cruz, Chairman at British Airways, spoken in
an interview that all affected customers have been contacted and they will be compensated as
soon. He promised that none of the customer will suffer any financial loss due to the data breach.
It has been reported that BA can be fined more than 500 million euros due to compromised data
of the customers which is according to law makes BA faulty for not able to secure their system
as needed. Various regulators are in conversation over data breach which includes The
Information Commissioner's Office, The National Cyber Security Center and The National
Crime Agency.
The data breach at British Airways took after the introduction of the new act related to Data
Protection and it even includes the provisions of new European GDPR.As per the new rules, the
fine company has to pay in case of breach of data is 17 million euros or four percent of the yearly
turnover, whichever is greater out of two.
7
passport details of the customers has not been reported which means that no connectivity has
been found related to customer’s planned dates away from home and its name and address.
The nature and pattern of the fraud stresses on the idea that it all happened during final stage of
making payment while booking a flight using BA app. Though, bank does not want to
investigate the nature or pattern of fraud, it is more interested in checking what kind of details
has been stolen.
Stephanie Jowers, is one of the customers, who booked the flight within hacking timeframe, and
became victim as her card was charged with a heavy amount and she did not had any idea till
then that her card has been compromised. When she contacted BA, she was informed that
amount will be refunded within 3-4 days and none other explanation was given to her. Later she
got the news of hacking through social media. Mr. Cruz, Chairman at British Airways, spoken in
an interview that all affected customers have been contacted and they will be compensated as
soon. He promised that none of the customer will suffer any financial loss due to the data breach.
It has been reported that BA can be fined more than 500 million euros due to compromised data
of the customers which is according to law makes BA faulty for not able to secure their system
as needed. Various regulators are in conversation over data breach which includes The
Information Commissioner's Office, The National Cyber Security Center and The National
Crime Agency.
The data breach at British Airways took after the introduction of the new act related to Data
Protection and it even includes the provisions of new European GDPR.As per the new rules, the
fine company has to pay in case of breach of data is 17 million euros or four percent of the yearly
turnover, whichever is greater out of two.
7
Cybercrime-Research and Discussion
The global turnover of the company British Airways, as reported by the year end 31st December
2017, is around 12.2 billion which means that according to new rules if ICO takes proper action
against the company it can be fined for a total amount of 500 million euros. At present ICO is
concerned with another data breach case at Dixons Carphone. The spokesperson at BA said that
they are co-operating with all the pertinent regulators subsequent the breach of data.
A video message surfaced online which stated that the breach is now in control and website is
working all fine. Security systems have been tightened and it is believed that any kind of threat
in the future will be detected before it could affect systems. The spokesperson has also requested
victim customers to look out for any unusual activity on their bank accounts.
On 11th September, 2018, a cyber-security firm blamed Magecart, a persistent and sophisticated
hacking group, for the data breach against U.S. largest airline, British Airways. Magecart,
reportedly carried out a series of wide-ranging digital credit-card cloning campaigns during early
months of this year. Hacker’s group set besieged infrastructure to get mixed with the website of
BA and managed to avoid any detection for 15 days long period.
Although it is not possible to know exactly how far the hackers were able to get into the systems
and what kind of data is actually they have stolen but it is clear that they were able to modify a
resource and get access to the systems substantially and they might have gained access to the
systems long before actual attack implants a threat on online transactions and its vulnerability.
Introduction and Thesis
The common relation between all four crime cases has found to be that we push the updates to
the back burner. In present times it is not good to underestimate the power of a hacker. A good
hacker can crack 2/3rd of the passwords within few minutes that exists on the online systems in
8
The global turnover of the company British Airways, as reported by the year end 31st December
2017, is around 12.2 billion which means that according to new rules if ICO takes proper action
against the company it can be fined for a total amount of 500 million euros. At present ICO is
concerned with another data breach case at Dixons Carphone. The spokesperson at BA said that
they are co-operating with all the pertinent regulators subsequent the breach of data.
A video message surfaced online which stated that the breach is now in control and website is
working all fine. Security systems have been tightened and it is believed that any kind of threat
in the future will be detected before it could affect systems. The spokesperson has also requested
victim customers to look out for any unusual activity on their bank accounts.
On 11th September, 2018, a cyber-security firm blamed Magecart, a persistent and sophisticated
hacking group, for the data breach against U.S. largest airline, British Airways. Magecart,
reportedly carried out a series of wide-ranging digital credit-card cloning campaigns during early
months of this year. Hacker’s group set besieged infrastructure to get mixed with the website of
BA and managed to avoid any detection for 15 days long period.
Although it is not possible to know exactly how far the hackers were able to get into the systems
and what kind of data is actually they have stolen but it is clear that they were able to modify a
resource and get access to the systems substantially and they might have gained access to the
systems long before actual attack implants a threat on online transactions and its vulnerability.
Introduction and Thesis
The common relation between all four crime cases has found to be that we push the updates to
the back burner. In present times it is not good to underestimate the power of a hacker. A good
hacker can crack 2/3rd of the passwords within few minutes that exists on the online systems in
8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Cybercrime-Research and Discussion
today’s date. Passwords which are weak like consisting only of numbers, only of capitals must
not be used as they are too easy to be cracked. So negligence can found to be the only issue that
is common in all four crime cases which result the attack in first place.
Access to digital insight is essential for each association and government establishment so as to
know the rotations in the threat arrive alongside a comprehension of their introduction. This is
the restricted to stay one stage in front of programmers knowing the risk and remaining safe. In
the event that associations have known the conditions they would have officially gone for the
higher need Eternal Blue fixing.
Keeping up reinforcement of the information on the regular routine by adjusting some course of
events or methods to reestablish reinforcement information as per the business coherence plan of
the association is a noteworthy hazard alleviation thought. Survey the affiliation's event response
and disaster status expects to affirm that they can without much of a stretch location rebuilding
from a payoff product event.
References
Beavers, O. (2018). Security firm blames hacking group for British Airways Cyber-attack, The
hill.com, Retrieved on 3rd October 2018, from https://thehill.com/policy/cybersecurity/405912-
security-firm-blames-hacking-group-for-british-airways-cyberattack.
Serena, N. (2018). British Airways hacking: Customers cancel credit cards as airline defends
handling of 'sophisticated' cyber-attack, Telegraph Reporters, The Telegraph News, Retrieved on
3rd October 2018, from https://www.telegraph.co.uk/news/2018/09/07/british-airways-hacking-
customers-cancel-credit-cards-airline.
9
today’s date. Passwords which are weak like consisting only of numbers, only of capitals must
not be used as they are too easy to be cracked. So negligence can found to be the only issue that
is common in all four crime cases which result the attack in first place.
Access to digital insight is essential for each association and government establishment so as to
know the rotations in the threat arrive alongside a comprehension of their introduction. This is
the restricted to stay one stage in front of programmers knowing the risk and remaining safe. In
the event that associations have known the conditions they would have officially gone for the
higher need Eternal Blue fixing.
Keeping up reinforcement of the information on the regular routine by adjusting some course of
events or methods to reestablish reinforcement information as per the business coherence plan of
the association is a noteworthy hazard alleviation thought. Survey the affiliation's event response
and disaster status expects to affirm that they can without much of a stretch location rebuilding
from a payoff product event.
References
Beavers, O. (2018). Security firm blames hacking group for British Airways Cyber-attack, The
hill.com, Retrieved on 3rd October 2018, from https://thehill.com/policy/cybersecurity/405912-
security-firm-blames-hacking-group-for-british-airways-cyberattack.
Serena, N. (2018). British Airways hacking: Customers cancel credit cards as airline defends
handling of 'sophisticated' cyber-attack, Telegraph Reporters, The Telegraph News, Retrieved on
3rd October 2018, from https://www.telegraph.co.uk/news/2018/09/07/british-airways-hacking-
customers-cancel-credit-cards-airline.
9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Cybercrime-Research and Discussion
Buchanan, B. (2018). 2018British Airways Hack: This Is How Companies Shouldn't Handle
Data Breaches, The Conversation on September 10, Retrieved on 3rd October 2018, from
https://www.inverse.com/article/48827-british-airways-data-hack.
Crime-Case 3
Hackers Stole $6 Million in Cyber Attack on SWIFT System: Russian Central
Bank
Russian Central bank became the victim of a major cyber-attack which resulted in the loss of
approximately 4.8 million euros (339.5 million roubles in Russian currency) to the bank. On 16th
February, 2018 country's central bank admitted the attack and reported that the act has been
carried out using global payment network SWIFT. The attack was carried out last year in the
month of December, but it was admitted only in February this year.
The authorized persons of Central Bank defined this cyber-attack as a classic-scheme, which was
apparently uncovered at the base of a write about computerized robberies in the Russian
10
Buchanan, B. (2018). 2018British Airways Hack: This Is How Companies Shouldn't Handle
Data Breaches, The Conversation on September 10, Retrieved on 3rd October 2018, from
https://www.inverse.com/article/48827-british-airways-data-hack.
Crime-Case 3
Hackers Stole $6 Million in Cyber Attack on SWIFT System: Russian Central
Bank
Russian Central bank became the victim of a major cyber-attack which resulted in the loss of
approximately 4.8 million euros (339.5 million roubles in Russian currency) to the bank. On 16th
February, 2018 country's central bank admitted the attack and reported that the act has been
carried out using global payment network SWIFT. The attack was carried out last year in the
month of December, but it was admitted only in February this year.
The authorized persons of Central Bank defined this cyber-attack as a classic-scheme, which was
apparently uncovered at the base of a write about computerized robberies in the Russian
10
Cybercrime-Research and Discussion
managing an account segment. As per the report, the national bank said it was sent data with
respect to "one effective assault on the work place of a Swift framework administrator".
A spokesperson from the bank told the media that one of the country’s central bank was hacked
and taken in control to carry out the process and then by the help of SWIFT payment facility
hackers were able to transfer millions of roubles into their accounts. It was also said that it had
been sent data around "one fruitful assault on the working environment of a SWIFT framework
administrator" without naming the establishment included.
With this attack, memories of a previous Bangladesh attack evoked which took place by similar
means of SWIFT payment in the year 2016 which resulted in the loss of 81 million US dollars. It
doesn’t mean that SWIFT payments are not secure. It is used by more than 12000 institutes in
more than 200 countries over the globe and is accountable for trillions of euros transfer on daily
basis. SWIFT’s own spokesperson said in an interview that its own data systems have never been
attacked or ever part of any cyber-crime.
As per the report by Security Week Organization, hackers could have used easily available tools
such as Mimikatz, Empire, Cobalt Strike and Metasploit to achieve their goals. To caution
“These kind of attacks and threats threaten the stability of our financial institutions” cyber-
security strategist at Juniper Networks, Nick Bilogorskiy said that “they should fill in as an
invitation to take action for universal law requirement collaboration on shielding our worldwide
money related frameworks. Nick also said that, generally hackers groups ensues two methods to
carry out the attack either SWIFT wire transfers or ATM jackpotting. The other major reasons
for these kinds of attacks are the interconnectivity of all financial institutions and banks which
makes all money and data vulnerable to hacks and this is the reason that helps international
11
managing an account segment. As per the report, the national bank said it was sent data with
respect to "one effective assault on the work place of a Swift framework administrator".
A spokesperson from the bank told the media that one of the country’s central bank was hacked
and taken in control to carry out the process and then by the help of SWIFT payment facility
hackers were able to transfer millions of roubles into their accounts. It was also said that it had
been sent data around "one fruitful assault on the working environment of a SWIFT framework
administrator" without naming the establishment included.
With this attack, memories of a previous Bangladesh attack evoked which took place by similar
means of SWIFT payment in the year 2016 which resulted in the loss of 81 million US dollars. It
doesn’t mean that SWIFT payments are not secure. It is used by more than 12000 institutes in
more than 200 countries over the globe and is accountable for trillions of euros transfer on daily
basis. SWIFT’s own spokesperson said in an interview that its own data systems have never been
attacked or ever part of any cyber-crime.
As per the report by Security Week Organization, hackers could have used easily available tools
such as Mimikatz, Empire, Cobalt Strike and Metasploit to achieve their goals. To caution
“These kind of attacks and threats threaten the stability of our financial institutions” cyber-
security strategist at Juniper Networks, Nick Bilogorskiy said that “they should fill in as an
invitation to take action for universal law requirement collaboration on shielding our worldwide
money related frameworks. Nick also said that, generally hackers groups ensues two methods to
carry out the attack either SWIFT wire transfers or ATM jackpotting. The other major reasons
for these kinds of attacks are the interconnectivity of all financial institutions and banks which
makes all money and data vulnerable to hacks and this is the reason that helps international
11
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 42
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.