This attack was a combination email spoofing and social engineering. The attacker was able to intercept emails that were intended to notify relevant individuals of the payroll incident. This led to the attacker being able to obtain sensitive, confidential information from the auditor which the attacker then used to modify payroll to their benefit - and the detriment of others. This social engineering attack relied on impersonation and earning trust without
Why(2) : Many of the users used weak passwords which can be easily guessed by the hackers. Weak security measures was also an important reason which inlcudes weak encryption of the passwords by using outdated techniques for encryption. Updated security tools and strong password encryption might have helped to prevent this attack.
As soon as we were notified of the fraudulent transactions my security team, along with the network engineers, performed a thorough investigation of how such attack had occurred. Once we were able to view all logs and audit data it came to our attention that the data did not appear to be stolen from our network. All transactions performed were done so with the appropriate credentials.
An attack that was not mentioned in the scenario was social engineering. The employee that manipulated the system used social engineering as well to convince the auditor that not only did the emails get sent by the person to whom they were
A1. The Nature of the incident was that an employee was able to hack into the computer system and gain access to the financial payroll system, human resources and even email system. This employee used several methods in order to gain access into the system: IP spoofing, Data modification, Man in the middle attack and compromised-key attack. As a result the employee was able to tamper with payroll system. An auditor discovered the discrepancies and tried to make upper management aware of the situation through email, but the email was intercepted by the hacker. The hacker impersonated an employee and persuaded the auditor into granting him more access into the system which resulted in additional sabotage into the payroll system. Hacker
TECHNICAL IMPACTS: SEVERE. The severity of this attack is based on the authentication solution unable to detect the user performing an action request. Log audit won’t be available to authentication solution and solution won’t be able to prevent future attacks.
The first of these threats is Social Engineering. Social Engineering according to Social-Engineer.org (2013), is “the act of influencing a person to accomplish goals that may or may not be in the ‘target’s’ best interest. This may include obtaining information, gaining access, or getting the target to take certain action.” The employees themselves are the area of the system affected by this threat. Social Engineering exploits their naivety. General lack of experience in recognizing this type of attack is a major reason for its success. Education on what Social Engineering is and how to recognize attacks coupled with company policies written, put into place, and enforced to prevent individuals from divulging or even having access to certain information no matter the scenario is the recommended course of action.
What type of attack was launched on Sony? The assault on Sony network is believed to have been started with a simple spear phishing attack. This phishing attack allow the hacker group ‘Guardian of peace’ to gain access to the network by stealing network credentials. More than likely the simple phishing cause an un-trained employee to give up their network credentials with out a fight. “Analysis conducted by AlienVault revealed that the source code was specifically designed to target the Sony Pictures. The source code examined by Alien Vault used a simple login and password to gain access to Sony Pictures corporate network”( ). Experts believe that the hacker recycle a previous found code from all ready pre-existing malware, specialist had a look at the code and uncovered that this preexisting code was modified/written and send out by Korean speaking hackers.
intrusion was a result of spear phishing campaign, which typically involves sending a seemingly genuine
The same source is pointing to Fazio Mechanical Systems, the HVAC company that is based in Sharpsburg, Pennsylvania, and services Target and other major retailers, as the point of compromise, which originated with the theft one of the Fazio employee’s login credentials to Target’s HVAC management systems. The attackers were able to escalate the compromised account’s privileges and further gain access to Target’s network, spreading laterally inside the organization. Later it was found that one of
Most of the parts of the assets affected include the computer's software and networks used by the company. This incident was detected in the month of February and as part of the Anthem, Inc. responsibility a formal warning was given right after detecting a possible breach to our software and network, but the hackers had already accessed some of our data.
In fraud committed against organizations, the victim of fraud is the employee’s organization. In frauds committed on behalf of an organization, executives usually are involved in some type of financial statement fraud; typically, to make the company’s reported financial results appear better than they actually are. In this second case, the victims are investors in the company’s stock. A third way to classify frauds is via the use of the ACFE’s occupational fraud definition, “the use of one’s occupation for personnel enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets” (ACFE, 2010). The ACFE includes three major categories of occupational fraud: asset misappropriations involves the theft or misuse of the organization’s assets, corruption involves the wrongful use of influence in a business transaction in order to procure benefits contrary to their duty to their employer, and fraudulent financial statements involving falsification of an organization’s financial statements for personal gain.
Equifax is one of the three most important credit card reporting agencies that provide information on a person’s credit report. Recently, a small group of criminal and unethical hackers hacked into Equifax. The hack exposed the criminals to millions of social security numbers, birthdates, names and much more. The agency is supposed to be highly secured and trustworthy for most. This incident has put the identity of millions in critical conditions. By describing the threat, protecting against it by using browser and tools, and having good judgment there are several ways to handle a hack like this.
It is the responsibility of the management to hold secure the data and information that they hold on behalf of the clients that they host. This attack was particularly worrying since the corporation is entrusted with highly sensitive government data and the wealth of the American government military information which it should protect from intrusion from external sources. There are also valuable projects for the organization that it protects like
This subject company in this case study is WoolEx Mills. The top management team at the Mills had to act fast to prevent the accusations charged upon them, so that they may venture deep into the United States market. In the process, they had to act in a way that will present the company’s financial statements; cash flows in a way that they did not show any suspicious fraudulent activities. The type of fraud in this case study is known as manipulation of accounts which involves the act of offering the accounts in the way they are not in reality.
The CFO Scott Sullivan forced his henchman, David Myers to see to it that accruals were released from various business units including UUNET. When Myers ordered the accrual release from UUNET’s CFO, David Schneeman, he met resistance. Myers got angry with Schneeman and ultimately found another person to complete the accrual release in order to appease Sullivan, who worked for Ebbers (Kaplan & Kiron, 2007). Bullying was another tactic of this company. Workplace bullies typically target independent employees who refuse to be subservient (Weidmer, 2011). For instance, when Cynthia Cooper, an internal auditor, was made aware of a questionable transfer, she brought it up at an audit committee meeting. After the meeting, Sullivan screamed at her and told her to stay away from that account (Kaplan & Kiron, 2007). Additionally, victims of workplace bullying may experience various symptoms such as weight loss and difficulty sleeping (Namie, 2003). This is exactly what happened to accounting manager Betty Vinson. Sullivan bullied Vinson into releasing accruals. Vinson was eager to maintain her status and did as requested, more than once. Vinson began to lose weight and sleep due to the bullying she experienced and the guilt she carried (Kaplan & Kiron, 2007).