The problem and steps undertaken for its solution:

Published: 2019-09-12 07:00:00
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

As fraud cases affecting credit card associations and credit card issuers rose, the two groups teamed up and contacted Ubizen, which handled cybercrime-related cases. They then called upon a suspected source of the fraud, denoted simply as Company A, to co-operate with the investigators in collecting hard evidence.

The first step was discovery: the forensic team conducted an exhaustive discovery process to lay the ground for the more advanced stage of work, the visit to the company site. After the discovery, the team set out to verify the fraud patterns, which pointed to fraud resulting from duplication of credit cards that were mainly used in card-present transactions. It involved the illegal reproduction of duplicate cards, which the hackers were still using with matching, correct customer information.

Next came the lay of the land, in which the investigators studied various diagrams in order to understand the layout of Company A's computer network. The study sought to find out whether any vulnerability existed (University, C., 2016). The team found that both the Web and FTP servers were weakly configured and vulnerable to attack. After these discoveries, the team called upon law enforcement officers from the FBI department of data analysis in Chicago. They assisted in the collection of data, including mirror images of Company A's gateway, and conducted various interviews with its staff. From the interviews the team discovered various systems that had been hacked solely because of their inadequate security control mechanisms and their proximity to the internet (University, C., 2016). They finally found a system that had not been installed by Company A; it included foreign keystroke loggers and one backdoor program that were likely to have been fraudulently installed. From the evident footprints left by the intruder, it also became apparent that this server was the staging point for all access to the site.

The team immediately launched a verification scheme that looked into the various dates and time stamps in order to ascertain whether intruders had accessed Company A's network. From files the hacker was creating, they discovered that the breach was still ongoing (University, C., 2016). In the course of this work, they also took most of Company A's servers offline and replaced many of the compromised files. They enabled and configured auditing and logging so that, if any unauthorized access took place, the organization would immediately detect the anomaly. The team also preserved the compromised systems and the routers, which became vital in establishing the timeline of the attack.

After setting up all these necessities, the team set a trap using a packet sniffer, a laptop that had a software program called EtherPeek that would watch traffic to and from the affected servers. The investigators were able to monitor the data that the hacker was sending, including the specific machines that the individual was attempting to access. The investigators then loaded the files with dummy credit cards that contained information barring the hacker from noticing that his actions were subject to monitoring (University, C., 2016). The last program was the Tripwire alarm, which would enable the investigators to see the actual compromise the hacker was carrying out. It was even sophisticated enough to allow the creation of a signature that the sniffer program would look for, showing the actual time and place where the hacker attacked. So when the hacker snuck in to start the fraud by copying the credit-card information that had been backed up by Company A, the hacker was caught immediately.
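The dummy-card signature described above can be sketched as follows. This is an added example, not part of the original essay or the investigators' tooling; the decoy numbers, the record layout and the addresses are constructed assumptions.

```python
import re

def luhn_check_digit(partial: str) -> str:
    """Return the Luhn check digit for a card number missing its last digit."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:  # every second digit, starting next to the check digit
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return str((10 - total % 10) % 10)

# Constructed decoys: Luhn-valid so they look plausible, tied to no real account.
DECOYS = {p + luhn_check_digit(p) for p in ("400000000000000", "510000000000000")}

# 16 digits, optionally grouped by spaces or dashes, not part of a longer digit run.
CARD_RE = re.compile(rb"(?<!\d)(?:\d[ -]?){15}\d(?!\d)")

def scan(records, decoys=DECOYS):
    """Return one alert per decoy sighting: (time, source, destination, decoy)."""
    alerts = []
    for rec in records:
        for match in CARD_RE.finditer(rec["payload"]):
            number = re.sub(rb"[ -]", b"", match.group()).decode()
            if number in decoys:  # any sighting on the wire means the bait was read
                alerts.append((rec["ts"], rec["src"], rec["dst"], number))
    return alerts

# Constructed capture records (documentation address ranges) standing in for
# sniffer output; "ts" is seconds since the capture started.
CAPTURE = [
    {"ts": 3.1, "src": "198.51.100.7", "dst": "192.0.2.10",
     "payload": b"GET /index.html HTTP/1.0\r\n\r\n"},
    {"ts": 41.8, "src": "192.0.2.10", "dst": "198.51.100.7",
     "payload": b"order ref 1234567812345678 confirmed"},   # 16 digits, not a decoy
    {"ts": 97.2, "src": "192.0.2.20", "dst": "203.0.113.50",
     "payload": b"name=J DOE;card=4000-0000-0000-0002;exp=01/01"},
    {"ts": 97.9, "src": "192.0.2.20", "dst": "203.0.113.50",
     "payload": b"5100000000000008\n4000 0000 0000 0002\n"},
]

if __name__ == "__main__":
    for ts, src, dst, number in scan(CAPTURE):
        print(f"t+{ts:>5.1f}s decoy {number} seen leaving {src} for {dst}")
```

Because the decoys exist only in the planted files, matching is an exact set lookup after normalising separators, so ordinary card traffic never raises an alert.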

Stages of the investigation and strategies used.

Discovery:

The investigators conducted an exhaustive discovery process to lay the ground for the more advanced stage of work. They then had to visit the company site to verify fraud patterns.

Lay of land:

The forensic team studied various diagrams in order to learn the layout of Company A's computer network. The study sought to find out whether any vulnerability existed.

FBI Assistance:

This was the stage that required law enforcement in order to proceed with the investigation. The assistance mainly concerned data collection, and any other security need was also covered with the assistance of the FBI.

Footprints:

The team had to look keenly into the various footprints that the hackers could have left behind. The team looked at the files and their audit logs for clues to aid the investigation.

Live prey:

It involved looking for finer details in the dates and time stamps that could point to a staging point where the hackers gained access to the servers.

Sewing up the breaches:

It involved locking out the hacker's efforts to penetrate the network and to obtain any confidential information related to the whole exercise. The team purged cardholder data from the organization's systems in line with industry standards.

Setting the trap:

The FBI and the Ubizen team formulated three components for the trap, namely the packet sniffer, a laptop with EtherPeek installed on it and a Tripwire program.

Hooked:

When the hacker snuck in to start the fraud by copying the credit-card contents that had been saved by Company A, the hacker was caught immediately.

Aftermath:

After the successful trapping of the hacker, the investigation continued in order to discover the severity of the hack and to find out the actual number of credit cards that had been rendered vulnerable.

Target:

These targets asserted that several intruders had tried accessing the system through a backdoor that the original hacker had left. The team also went further, identifying all the machines that had their networks compromised.

Recommendations:

The final step was to present appropriate measures for both parties to observe in the wake of cyber-related criminal activities. An important recommendation for Company A was to conduct vulnerability scanning frequently to ensure that the company's network systems are safe.

Other accomplishments apart from catching the hacker:

Another aim, apart from identifying and catching the criminal, was to assist the law enforcement agencies in gathering additional evidence to confirm that the breach stemmed from duplication of credit cards that are used in card-present transactions (University, C., 2016). The objective was accomplished with the assistance of the FBI Data Analysis Department, which collected vital data at Company A's premises, such as footprints and mirror images, and conducted interviews.

The type of cybercrime involved in the article and how offender fits the features of the cybercrime type:

The form of cybercrime here is hacking. The offender fits this type, since he fraudulently accesses the credit card associations' computer networks and alters vital information of different card holders.

Reference

University, C. (2016). myCSU - Columbia Southern University Portal. Search.proquest.com.libraryresources.columbiasouthern.edu. Retrieved 5 May 2016, from http://search.proquest.com.libraryresources.columbiasouthern.edu/criminaljusticeperiodicals/docview/231156268/BD0FEB457AC148B1PQ/1?accountid=33337

sheldon
