Question

Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems of more than million credit and debit card. The firewall had captured the first malware code and an alert was issued which was ignored. The hackers started downloading the collected data. The cyber criminals have hacked the system to gain credit and debit card information.

1. Explain in your own words what happened in the above discussed data breach. [5 Marks]

2. Identify and experience the type of attack experienced in the above scenario [2 Marks]

3. The stolen credentials alone are not enough to access the company’s POS devices. What other means can the hackers acquire to allow them to navigate the company’s network and deploy the malware. [3 Marks]

4. What would have hackers done for privilege escalation? [2 Marks]

5. The organization admitted that they ignored many alerts from their network security devices because of alert overload. If you are the organization’s Chief Technical Officer (CTO), what would you do to reduce the problem of alert overload? [3 Marks]

6. The security experts criticize the organization for failing to isolate sensitive sections of their networks from those more easily accessible to outsiders. As a CTO, please propose a feasible solution to segment and categorize your networks and resources. [5 Marks]

please solve it as fast as you can and the subject is cyber security.

Answer 1

1.

The hackers tried to get the details of the credit and debit cards of different users by breaching the security which was caught by the firewall, in the first place, but the threat was been ignored by the authorities, which lead to critical information of credit cards, being leaked, which the hackers can use according to their wish and if the hacker succeeds then the hacker can use it for all their use as and when required and the bill of the usage will have to be paid by the real owner of the credit card.

2.

The attack that the system faced was interception. The hacker intercepted in the system and took all the data of the credit card of the users to either sell or use it for their own usage. Then the hacker will be masquerading as the original user to use the credit or debit card the bill of the same will have to be paid by the original owner.

3.

There are system cards that are owned by the users that are needed to access the system. This will be necessary for accessing the system. If the hacker somehow manages to get this then the hacker can easily access everything. And also, the one-time pin is also mandatory for the access. If the hacker gets that then the owner of the credit card will be in huge losses.

4.

The hackers would have masqueraded as someone else to get through the security, but that eventually was not perfect as the firewall caught it, but as the threat informed was ignored, that lead to threats to the user's critical information that will be misused by the hacker.