Case Study Assignment

The document presents three case studies highlighting cybersecurity incidents faced by different businesses, including ATM skimmer fraud, keylogger intrusion, and a phishing attack leading to wire fraud. Each case outlines the attack mechanisms, responses to the incidents, and the financial impacts on the firms involved. The document also poses discussion questions aimed at evaluating alternative strategies and preventative measures to enhance cybersecurity resilience.

Uploaded by

Tiya Nagpal

Case Study 1: Cybersecurity in Action - The ATM Skimmer Fraud

A consulting firm, composed of 10 employees, dispatched a team to South America for
a client-related project. During their visit, an employee used the company's business
debit card at a local ATM for transaction purposes. Unexpectedly, a month following
their return to the United States, the firm encountered a financial anomaly. They were
notified by their bank of several overdraft alerts, leading to the discovery of
unauthorized withdrawals totaling $13,000, all traced back to South America,
accompanied by an overdraft fee of $1,000.

The Attack Mechanism

Investigations revealed the method of attack: cyber criminals had ingeniously installed a
skimming device on an ATM used by the employee. This device captured the debit
card's account information, enabling the fabrication of counterfeit debit cards. These
were then used to execute multiple fraudulent transactions across various ATMs in
South America.

Response to the Incident

Upon realizing the fraud, the firm immediately contacted their bank to report the incident
and proceeded to close the affected account. Their efforts to seek reimbursement
proved futile due to the nature of the commercial account's security protections, which
differed significantly from those of consumer accounts. Consequently, the firm was held
accountable for the losses, including the overdraft fee, which was deducted from the
firm owner's personal account. In response, the consulting firm decided to discontinue
their relationship with the involved bank and partnered with a new banking institution
offering enhanced fraud protection services. Moreover, the firm restructured its financial
management approach by creating two separate business accounts, one for incoming
funds and minor transfers, and another for handling small-scale expenditure payments.
Additionally, the firm revised its travel and expense protocols, prohibiting the use of
company-issued debit cards for overseas transactions. Employees were advised to opt
for prepaid electronic payments, cash, or credit cards for travel-related expenses.

Impact and Losses

This incident significantly impacted the consulting firm's financial stability, erasing their
entire cash reserve and incurring a total loss nearing $15,000.

Discussion Questions

1. Reflecting on the firm's actions post-incident, what alternative strategies or
measures could have been implemented to address the situation more
effectively?
2. Considering the breach, identify and discuss potential preventative strategies
the firm could have adopted to avert such a security incident.

3. Evaluate the susceptibility of your own business to similar cybersecurity
threats. What steps or measures would you implement to mitigate the risk of
such incidents occurring within your business environment?

Case Study 2: The Keylogger Intrusion - A Cybersecurity Crisis at a Construction Company

A small, family-run construction business, heavily reliant on online banking and
Automated Clearing House (ACH) transfers for its financial transactions, faced a severe
cybersecurity breach. The company employed dual-level authentication for its
employees, including individual and company-specific IDs and passwords,
supplemented by two security questions for transactions exceeding $1,000.
Unexpectedly, the owner received an alert about an unauthorized ACH transfer of
$10,000. Further investigation revealed a shocking reality: within a week, cybercriminals
had executed six transfers totaling $550,000 from the company's accounts. The breach
was traced back to an employee who, deceived by a phishing email disguised as a
communication from a supplier, inadvertently downloaded malware, allowing attackers
to infiltrate the company’s network.

The Attack Explained

The cybercriminals deployed keylogger malware, pernicious software designed to
covertly record every keystroke made on the infected computer. This allowed them to
capture critical banking login credentials and facilitate unauthorized access to the
company’s financial accounts, initiating fraudulent transfers.

Response to the Breach

Upon detection, the company acted swiftly by notifying their bank, which managed to
recover $200,000 of the stolen funds in the initial weeks. However, the company still
faced a substantial financial loss of $350,000. To exacerbate the situation, the bank
utilized the company’s line of credit, amounting to over $220,000, to offset the fraudulent
transactions. The absence of a prior cybersecurity strategy significantly delayed the
company’s response to the breach. Subsequently, the company engaged a
cybersecurity forensic team to conduct a thorough review of their systems, identify the
breach's origin, and recommend necessary security enhancements.

Impact and Recovery

The breach forced the company to terminate its existing bank account and initiate legal
proceedings in an attempt to recoup its losses. Fortunately, through legal intervention,
the company managed to recover the remaining $350,000, along with interest.
However, the costs associated with the time spent and legal expenses were
irretrievable.

Discussion Questions

1. Given the company’s reaction to the cyber attack, consider and discuss any
different actions or measures that could have been taken to handle the situation
more effectively.

2. Analyze and identify potential preventive measures that the company could have
implemented to avoid such a cybersecurity incident. What steps could have been
taken to fortify their digital defenses against phishing and malware attacks?

3. Reflect on the vulnerability of your own business to similar cyber threats. What
proactive measures or strategies would you implement to minimize the risk of
cyber attacks and enhance your company’s cybersecurity posture?

Case Study 3: Hotel CEO Finds Unwelcome Guests in Email Account

The CEO of a boutique hotel realized their business had become the victim of wire fraud
when the bookkeeper began to receive insufficient fund notifications for regularly
recurring bills. A review of the accounting records exposed a serious problem. At some
point a few weeks before, the CEO had clicked on a link in an email that they thought
was from the IRS. It wasn’t. When they clicked the link and entered their credentials, the
cyber criminals captured the CEO’s login information, giving them full access to intimate
business and personal details.

Attack

Social engineering, phishing attack. A phishing attack is a form of social engineering by
which cyber criminals attempt to trick individuals by creating and sending fake emails
that appear to be from an authentic source, such as a business or colleague. The email
might ask you to confirm personal account information such as a password or prompt
you to open a malicious attachment that infects your computer with malware.

Response

The hotel’s cash reserves were depleted. The fraudulent transfers amounted to more
than $1 million. The hotel also contacted a cybersecurity firm to help them mitigate the
risk of a repeat attack.

Impact

The business lost $1 million to an account in China. The funds were not recovered.

Discussion Questions

1. Knowing how the firm responded, what would you have done differently?
2. What are some steps you think the firm could have taken to prevent this
incident?
3. Is your business susceptible to this kind of attack? How are you going to reduce
your risk?
