Assume a scenario where the hackers gained access to information through malware on Point-of-Sale (POS) systems...

80.2K

Verified Solution

Question

Programming

Assume a scenario where the hackers gained access to informationthrough malware on Point-of-Sale (POS) systems of more than millioncredit and debit card. The firewall had captured the first malwarecode and an alert was issued which was ignored. The hackers starteddownloading the collected data. The cyber criminals have hacked thesystem to gain credit and debit card information.
1. Explain in your own words what happened in the abovediscussed data breach. [5 Marks]
2. Identify and experience the type of attack experienced in theabove scenario [2 Marks]
3. The stolen credentials alone are not enough to access thecompanyâ€™s POS devices. What other means can the hackers acquire toallow them to navigate the companyâ€™s network and deploy themalware. [3 Marks]
4. What would have hackers done for privilege escalation? [2Marks]
5. The organization admitted that they ignored many alerts fromtheir network security devices because of alert overload. If youare the organizationâ€™s Chief Technical Officer (CTO), what wouldyou do to reduce the problem of alert overload? [3 Marks]
6. The security experts criticize the organization for failingto isolate sensitive sections of their networks from those moreeasily accessible to outsiders. As a CTO, please propose a feasiblesolution to segment and categorize your networks and resources. [5Marks]

Answer & Explanation Solved by verified expert

4.0 Ratings (810 Votes)

1 The attack which took place in the given description is a point of sale malware attack which is specially designed for point of sale terminals and related systems with the goal of stealing of payment data and associatedated card data This type of attack is used by the cyber criminals who want to resell the data they captured from the attack on the POS The payment card data is encrypted end to end and is decrypted only at the the RAM memory of the device while the payment is processing The malware attack enters the system through a compromised or weakly secured point and it iterate over the RAM memory to find the payment card data Since in the RAM memory malware can find the an unencrypted data so through the internet connection all these data are sent to to hacker in an unencrypted form IT professionals also referred to the POS malware as a process scanner because it checks for the active processes on See Answer

Get Answers to Unlimited Questions

Join us to gain access to millions of questions and expert answers. Enjoy exclusive benefits tailored just for you!

Membership Benefits:

Unlimited Question Access with detailed Answers
Zin AI - 3 Million Words
10 Dall-E 3 Images
20 Plot Generations
Conversation with Dialogue Memory
No Ads, Ever!
Access to Our Best AI Platform: Flex AI - Your personal assistant for all your inquiries!

Become a Member