Close

OCU C)ISSO D Discussion Lesson 17

Viewing 3 reply threads
  • Author
    Posts
    • #65740
      Jessica Jagerson
      Keymaster

      When investigating a crime, there are always means, opportunity, and motive.  Discuss in detail a specific cybersecurity crime and tell a story (real or fiction) about the criminal making sure to discuss the M.O.M. of the criminal.  Also, discuss how this crime affected the organization.

    • #85723
      Marcena Davis
      Participant

      One example of a cybersecurity crime is a ransomware attack. Ransomware is a type of malicious software that is designed to encrypt the victim’s data and demand payment in exchange for the decryption key.

      In this hypothetical scenario, a small accounting firm was hit by a ransomware attack. The attack occurred on a weekend when the office was closed, and the attacker gained access to the firm’s network through a phishing email that was sent to an employee’s personal email account. The email appeared to be from a legitimate source, and the employee clicked on a link that downloaded the ransomware onto the firm’s network.

      Means: The attacker used a phishing email to gain access to the firm’s network. Phishing is a common means of attack that relies on social engineering tactics to trick victims into divulging sensitive information or downloading malicious software.

      Opportunity: The attack occurred on a weekend when the office was closed, providing the attacker with a window of opportunity to gain access to the network without detection.

      Motive: The attacker’s motive was financial gain. Ransomware attacks are often carried out by cybercriminals who are looking to extort money from their victims.

      The attacker demanded a ransom of $50,000 in exchange for the decryption key. The firm’s data backups were not up to date, and the cost of restoring the data manually would have been much higher than the ransom demand. After consulting with a cybersecurity expert, the firm decided to pay the ransom in order to regain access to their data.

      The attack had a significant impact on the firm, as they were unable to access their data for several days and had to pay a significant amount of money to regain access. In addition, the attack damaged the firm’s reputation and eroded the trust of their clients. The firm had to invest in additional cybersecurity measures, including employee training and improved data backup procedures, to prevent future attacks.

      The ransomware attack on the accounting firm was carried out using a phishing email to gain access to the network, and the attacker’s motive was financial gain. The attack had a significant impact on the firm, including financial loss, reputation damage, and loss of client trust. Preventive measures such as employee training, data backups, and improved cybersecurity measures can help prevent such attacks from occurring in the future.

      • #85837
        Kevin Mehok
        Participant

        IST3100 Information Systems Security Officer
        Week Five
        Assignment # 3
        WK5 Cyberattacks story
        Kevin Mehok

        Marcena,

        Awesome job with elaborating several different scenarios. Your cybersecurity attacks could all be used to create excellent movie titles. Sadly, these very stories not movies and they actually happen. We hear and see headlines regarding these sorts of attacks on the news far too often.

        Great job!

        God Bless,

        Kevin

      • #85925
        Kelly Crooks
        Participant

        Marcena, great post. Awesome job on explaining the ransomware scenario. I have done research about ransomware for a few of my other courses here at OCU and it seems that a vast majority of attacks are done for financial gain of some kind. I think I have only read a few cases where the attack was done for something other than financial gain. When Russia- Ukraine war started they had cybercriminals that attacked some Russian financial information just to share it with the world because they felt the war was unnecessary.

    • #85836
      Kevin Mehok
      Participant

      IST3100 Information Systems Security Officer
      Week Five
      Assignment # 3
      WK5 Cyberattacks story
      Kevin Mehok

      I think that sourcing an actual story for this discussion will be the most effective approach.
      In this era of time, we have been hearing a lot about Russia, and Ukraine. For years, Russia has aggressively and recklessly mounted digital attacks against Ukraine, causing blackouts, attempting to skew elections, stealing data, and releasing destructive malware to rampage across the country—and the world (Newman, 2022). Sadly, Russia carried through with invading Ukraine in February, though, the digital dynamic between the two countries has changed as Russia struggles to support a massive and costly kinetic war and Ukraine mounts resistance on every front it can think of (Newman, 2022). What does this mean? Well, this means that while Russia has continued to pummel Ukrainian institutions and infrastructure with cyberattacks, Ukraine has also been hacking back with surprising success (Newman, 2022). In defense, much like our need to create and implement an action plan, Ukraine has formed a volunteer “IT Army” at the beginning of the war, which has focused on mounting DDoS attacks and disruptive hacks against Russian institutions and services to cause as much chaos as possible (Newman, 2022). Hacktivists from around the world have also turned their attention—and digital firepower—toward the conflict (Newman, 2022). In a valiant effort Ukraine has launched other types of hacks against Russia, including attacks utilizing custom malware, Russia has suffered data breaches and service disruptions at an unprecedented scale (Newman, 2022).

      While we discuss over and over the negatives of malware and virus attacks, cyberattacking, yes cyberattacking can also in and of itself be an incredible form of offense, in defense just as it has been for Ukraine.

      I would be willing to keep approaches like this in mind as well if my organization were attacked.

      God Bless,

      Kevin

      References:

      Newman, L. (2022) https://www.wired.com/story/worst-hacks-breaches-2022/

      • #85908
        Marcena Davis
        Participant

        Hey Kevin,

        Great reference based on current events. It’s incredible how cyberattacks have become such a significant aspect of modern warfare. The story you shared really highlights the importance of being prepared and having effective security measures in place. I love how really emphasizes the need for a robust action plan and the importance of timely response in the face of cyber threats. It’s a simple reminder that the consequences of digital attacks can be far-reaching and affect nations on a global scale.

      • #85942
        Kelly Crooks
        Participant

        Kevin, I liked your scenario about Russia and Ukraine. Russia was out to get Ukraine for several years. First attacking their infrastructure with viral hacks and viruses and then with an all-out war. I found it interesting to read about Ukraine’s “IT Army” fighting back against Russia. I find it interesting that malware can be used for good just as easily as it can for evil.

    • #85888
      Kelly Crooks
      Participant

      In 2022, T-Mobile was the target of more than 100 separate incidents. Three different cybercriminal groups claimed to have access to the internal networks of the communication giant. All three of the cybercriminal groups gained access to T-Mobile data by using a Phishing scam that said customers could get a new SIM card for their devices. The customers would receive a text message that appeared as if it came from T-Mobile but was from a third party. The customers provided their phone numbers and the serial number from the SIM card.

      The original goal of the cyber attack was to see how many times the three groups could access the T-Mobile network. The cybercriminal groups posted new numbers each day as to how many times they had accessed the network. It was so easy for them to gain access to the network that by May of 2022 they stopped posting numbers.

      The M.O.M of these three cybercriminal groups was perfect for the taking if you ask me. The means they all used was the Phishing scam using the text message to get the customer’s information. The opportunity was there as well and it was an easy opportunity. Each group made the text messages look legit and authentic from T-Mobile, therefore having easy access to the data. The motive was a simple one, to see how many times each group could get access to T-Mobiles internal networks.

      The incident in 2022 cost T-Mobile $350 million just in pay-outs to customers. These kinds of incidents stress the importance of making sure their networks are secure, making sure that staff and employees use strong passwords, and making sure that employees and staff have the proper training to detect, engage and defend against any cyber threats.

      • #85909
        Marcena Davis
        Participant

        Hey Kelly,

        Wow, reading about the cyber attack on T-Mobile in 2022 really hit close to home for me. It’s scary to think that such a massive communication giant fell victim to not just one, but three different cybercriminal groups. I can only imagine how it must have felt to be one of the customers who received that deceptive text message.

        Phishing scams have become alarmingly sophisticated, and it’s unsettling to know that these criminals were able to make their messages appear authentic, tricking customers into providing their personal information. The ease with which they gained access to T-Mobile’s network is truly concerning, and it’s disheartening that they even boasted about it by posting daily numbers. It serves as a reminder for all of us to stay informed and take proactive measures to protect ourselves and our data.

      • #85921
        Kevin Mehok
        Participant

        Hey Kelly,

        I loved your article and share regarding T-Mobile. I did not know this and I am a T_Mobile customer. I completely agree with your thoughts and the realness of this type of cybercrimal activity. Smartphones are used by all ages. This hits home for me as my youngest child wants a phone and he needs to be able to detect this sort of activity. I chuckle because he cannot even make his bed correctly yet. This makes me wonder, “What’s ahead of us?”

        God Bless,

        Kevin

Viewing 3 reply threads
  • You must be logged in to reply to this topic.

SUPPORT

Please Note:

The support ticket system is for technical questions and post-sale issues.

 

If you have pre-sale questions please use our chat feature or email information@mile2.com .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.

 

Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  

 

Accreditations

We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense

USAF

The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission