Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems of more than a million credit and debit cards. The firewall had captured the first malware code and an alert was issued, which was ignored. The hackers started downloading the collected data. The cyber criminals have hacked the system to gain credit and debit card information.
1. Explain in your own words what happened in the above discussed data breach. [5 Marks]
2. Identify and experience the type of attack experienced in the above scenario [2 Marks]
3. The stolen credentials alone are not enough to access the company’s POS devices. What other means can the hackers acquire to allow them to navigate the company’s network and deploy the malware? [3 Marks]
4. What would the hackers have done for privilege escalation? [2 Marks]
5. The organization admitted that they ignored many alerts from their network security devices because of alert overload. If you are the organization’s Chief Technical Officer (CTO), what would you do to reduce the problem of alert overload? [3 Marks]
6. The security experts criticize the organization for failing to isolate sensitive sections of their networks from those more easily accessible to outsiders. As a CTO, please propose a feasible solution to segment and categorize your networks and resources. [5 Marks]
A data breach is the unlawful, unethical and unauthorised access to someone's computer or network to steal his or her confidential personal information. There are many data breaches, namely
In this scenario it is evident that it was not an exploit, as the firewall gave an alert when the malicious activity occurred. It is neither a case of spyware, as nothing was downloaded at the POS system, nor of phishing or misconfigured access controls. It is a case of SQLi, as it states that more than a million debit and credit cards' information was stolen. Such a thing is possible on large databases like SQL. The malware code was implanted by the scammers in the form of a query for certain items, and it resulted in the spitting out of the confidential debit and credit card information of the customers. It was not only a data breach; it also involves the carelessness of the administrators. If the act had been noted in time, the cybercriminals could have been stopped from downloading the confidential data, and the information of millions of people could have been protected.