Individual Essay on Cybercriminal Operation.

INSTRUCTIONS

Consider the following cybercriminal operation:

ExtinctionHotel focusses on the Middle East and targets hotels keen to service the burgeoning healthcare conference sector. The attack will take advantage of eager and unaware hotel employees, who will expose sensitive guest information through apparently harmless spear-phishing emails. Highly legitimate-looking emails are crafted to convince the hotel staff of the seriousness of the reservation request. Fake domains with names that reference popular medical institutions will be set up to increase the legitimacy of the spear-phishing emails. The email will be written in Arabic. The attached file will claim to have the details for the medical conference and the names of the guests.

The attack will employ a remote access trojan known as PoisonIvy. A variation would be created to avoid detection from previously known attacks. After installation, several other modules are installed to capture the credit card details of customers and travel agencies. In addition, it makes copies of all stored customers’ personal data including date of birth, email addresses, phone numbers and, most especially, passports.

The attack is monetised by purchasing vouchers (e.g. Amazon) and reselling them for profit on platforms like eBay. The vouchers are sold to customers based in third countries, in an attempt to make tracking a harder task for local authorities. Further, the criminals have purchased programmable EMV chip cards which are used to withdraw large amounts of cash without knowledge of the owner’s PIN. [adapted from: source withheld]

Questions

The overall word limit is 2000 words. The word limits for each question are suggestions only, but represent the distribution of marks.

  1. List the actors involved, their roles and abilities. (300 words)
  2. Design four countermeasures (300 words each on an engineering, a legal, an economic and an education countermeasure):
    • Give a clear description of the countermeasure, with sufficient technical detail that it could be implemented
    • Target the mitigation to the cybercriminal operation – be creative and specific!
    • Comment on potential implementation issues, and the wider consequences of implementing the countermeasure
    • Discuss the effectiveness and limitations of the mitigation
    • Use references to support your argument.
  3. Rank your countermeasures on their likelihood of success against the cybercriminal operation and explain the ranking. (300 words)
  4. How could the cybercriminals improve their operation considering your top rated countermeasure? (200 words)
    • Give one creative improvement with sufficient technical detail that it could be implemented,
    • Make an argument for the effectiveness of your improvement,
    • Use references to support your argument.