Question

Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems...

Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems of more than million credit and debit card. The firewall had captured the first malware code and an alert was issued which was ignored. The hackers started downloading the collected data. The cyber criminals have hacked the system to gain credit and debit card information.

1. Explain in your own words what happened in the above discussed data breach. [5 Marks]

2. Identify and experience the type of attack experienced in the above scenario [2 Marks]

3. The stolen credentials alone are not enough to access the company’s POS devices. What other means can the hackers acquire to allow them to navigate the company’s network and deploy the malware? [3 Marks]

4. What would the hackers have done for privilege escalation? [2 Marks]

5. The organization admitted that they ignored many alerts from their network security devices because of alert overload. If you are the organization’s Chief Technical Officer (CTO), what would you do to reduce the problem of alert overload? [3 Marks]

6. The security experts criticize the organization for failing to isolate sensitive sections of their networks from those more easily accessible to outsiders. As a CTO, please propose a feasible solution to segment and categorize your networks and resources. [5 Marks]

Homework Answers

Answer #1

Hi,

Every business organization uses a POS system. A POS system is a Point of Sale system that is used to provide the transactions between the customer and the organization.

1. When a POS system is used, it is very helpful for the hackers to collect the information regarding the details of credit cards and debit cards. It is a very dangerous situation for the customers who made transactions with the organization. The POS system is connected to the internet so that online transactions and all other transactions can take place. Many customers are affected by this data breach. The main thing that the hackers need is the credit card number; they can use that number for their own purposes, or they can even sell that number and earn money. In an organization there are many customers, and if the attacker gets the credit card details of all the customers, they can earn a large amount of money. This is done by accessing the credentials that are used by the organization to log in to the systems. These credit cards and debit cards also have security, such as a magnetic strip, and provide encryption. The decryption occurs in RAM, and the hackers need the decrypted information, so they target the RAM.

2. The type of attack is a malware attack. There are many kinds of malware attacks. Here it is network-sniffing malware. Here it is intercepting the payment card details. Here financial theft is occurring, and attackers use packet sniffers; these data packets are used to hack the information.

3. It is not only the credentials that allow entry into the POS system; the hackers can enter the POS system through many other means. Another method is using a USB port that is kept open in most systems, through which the attacker can easily enter the system.

4. For every system, only authorized persons can enter the system, but if unauthorized access to the system happens, it is called an attack. So privilege escalation is also a type of attack that is unauthorized access to the system. The main job of the hackers is disrupting the normal flow of the organization. They are always trying to disrupt the provided security with other malicious software. They are always searching for a chance to enter the system. So this problem mainly occurs when there is a small security problem. So organizations should continuously check their security measures and continuously update the anti-malware software on the system.

5. Every organization, in order to protect its systems from malicious attacks, installs anti-malware or antivirus software, and this software gives alerts when a problem occurs in the system. But sometimes this becomes an overload of alerts. Alerts are raised for small problems that are not dangerous for the system. If the alerts are overloaded, the organization does not care when a real problem occurs. The given example has the same problem: the firewall issued an alert, but it was ignored by the organization. This is due to alert overload. In order to reduce alert overload, a person with good knowledge of detecting alerts is given the job of investigating whether any attacks are occurring.

6. It is difficult to provide network security when the device is a large one. So, in order to avoid this, segmentation is done to divide the network into different segments. This is called network segmentation. After dividing the network into different segments, different persons are allocated to control the different segments. This reduces many problems related to the network, and more care can be provided for each segment. It has many advantages: it improves performance, saves time and also provides more security.

In order to avoid this kind of malware, we have to take more care. That is: continuously monitor the system for any malicious attack, avoid visiting every site and enter only secured sites, and secure the system by creating passwords that are not easily accessible.

Thank you....
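An added example for questions 5 and 6 (not part of the original answer): one way to cut alert overload is to merge repeated alerts and rank what remains by how sensitive the affected network segment is, so that a malware alert on a POS host is not buried under routine noise. The segment map, category weights, addresses and alert records below are all constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Assumed segment map (constructed): (network, name, criticality 1-3).
ZONES = [
    (ip_network("10.10.0.0/16"), "pos", 3),        # cardholder-data segment
    (ip_network("10.20.0.0/16"), "corporate", 2),
    (ip_network("10.30.0.0/16"), "guest", 1),
]
# Assumed category weights; adapt to your own alert taxonomy.
CATEGORY_WEIGHT = {"malware": 3, "data-egress": 3, "policy": 1, "scan": 1}

def zone_of(ip):
    addr = ip_address(ip)
    for net, name, crit in ZONES:
        if addr in net:
            return name, crit
    return "unknown", 2  # unmapped hosts are treated as medium criticality

def triage(alerts, window=300):
    """Merge repeats of (host, sig) within `window` s; rank by score, earliest first."""
    open_groups, incidents = {}, []
    for a in sorted(alerts, key=lambda x: x["ts"]):
        key = (a["host"], a["sig"])
        g = open_groups.get(key)
        if g is not None and a["ts"] - g["last"] <= window:
            g["count"] += 1
            g["last"] = a["ts"]
            continue
        zone, crit = zone_of(a["host"])
        g = {"host": a["host"], "sig": a["sig"], "zone": zone,
             "first": a["ts"], "last": a["ts"], "count": 1,
             "score": crit * CATEGORY_WEIGHT.get(a["cat"], 1)}
        open_groups[key] = g
        incidents.append(g)
    return sorted(incidents, key=lambda g: (-g["score"], g["first"]))

def sample_alerts():
    """Constructed stream: routine noise plus two alerts on one POS host."""
    alerts = [{"ts": 60 * i, "host": "10.30.0.7", "sig": "port-scan", "cat": "scan"}
              for i in range(40)]
    alerts += [{"ts": 90 * i, "host": "10.20.1.15", "sig": "usb-policy", "cat": "policy"}
               for i in range(20)]
    alerts += [{"ts": 1000, "host": "10.10.4.21", "sig": "pos-malware", "cat": "malware"},
               {"ts": 2200, "host": "10.10.4.21", "sig": "bulk-upload", "cat": "data-egress"}]
    return alerts

if __name__ == "__main__":
    for g in triage(sample_alerts()):
        print(g["score"], g["zone"], g["host"], g["sig"], "x%d" % g["count"])
```

On the constructed stream, 62 raw alerts collapse into four incidents, with the two POS-segment alerts ranked ahead of the repeated scan and policy noise.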
