Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems of more than million credit and debit card. The firewall had captured the first malware code and an alert was issued which was ignored. The hackers started downloading the collected data. The cyber criminals have hacked the system to gain credit and debit card information.
1. Explain in your own words what happened in the above discussed data breach. [5 Marks]
2. Identify and experience the type of attack experienced in the above scenario [2 Marks]
3. The stolen credentials alone are not enough to access the company’s POS devices. What other means can the hackers acquire to allow them to navigate the company’s network and deploy the malware. [3 Marks]
4. What would have hackers done for privilege escalation? [2 Marks]
5. The organization admitted that they ignored many alerts from their network security devices because of alert overload. If you are the organization’s Chief Technical Officer (CTO), what would you do to reduce the problem of alert overload? [3 Marks]
6. The security experts criticize the organization for failing to isolate sensitive sections of their networks from those more easily accessible to outsiders. As a CTO, please propose a feasible solution to segment and categorize your networks and resources. [5 Marks]
1.
The hackers tried to get the details of the credit and debit cards by breaching the security which was caught by the firewall but the threat was been ignored which lead to critical information of credit cards which the hackers can use according to his wish and if the hacker succeeds then the hacker can use it for all their use and the bill will have to be paid by the real owner of the credit card.
2.
The attack that the system faced was interception. The hacker intercepted in the system and took all the data of the credit card of the users. Then the hacker will be masquerading as the original user to use the credit or debit card.
3.
There are system cards that are owned by the users that are needed to access the system. This will be necessary for accessing the system. If the hacker somehow manages to get this then the hacker can easily access everything.
4.
The hackers would have masqueraded as someone else to get through the security, but that eventually was not perfect as the firewall caught it, but as the threat informed was ignored, that lead to threats to the users.
Get Answers For Free
Most questions answered within 1 hours.