CJ 308 Project Two Module 7
pptx
keyboard_arrow_up
School
Southern New Hampshire University *
*We aren’t endorsed by this school
Course
308
Subject
Information Systems
Date
Jun 27, 2024
Type
pptx
Pages
11
Uploaded by DrPowerLyrebird26
Cybercrime
Investigation and Prosecution
Chelsea Simmons
Thomas Payne
June 21, 2024
Executive Summary
Scope of the debrief
Possible causes for the attack
Gaps Assessment
Gaps identified the documented response to cybercrimes
Risk assessment: exposure level
Legal Accountability Legal considerations and internal accountability
External legal considerations
Prepare a search warrant
Recommendations
Recommend appropriate actions for responding to and prosecuting cybercrimes
Justify the actions recommended
Conclusion
Lesson learned
Next steps
Table of Contents:
2
Executive Summary
Scope of Debrief:
•
A hack was caused by a compromise at the Wellness Health Group. The company's cybersecurity system was outdated.
•
An employee of WHG assisted a Russian cybergang in carrying out a cyberattack.
•
Subsequent research revealed that the worker was using Bitcoin to sell drugs on behalf of the cyber gang.
Cause of Attack:
•
The Russian cyber gang was the one who planned the attack, giving them complete access to the computer system used by The Wellness Health Group.
•
The employee who established holes in the company's cybersecurity system made this assignment easier.
3
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Gaps Assessme
nt
4
Gaps:
•
The IT division failed to offer a satisfactory explanation for the attack.
•
The company's network was not designed to catch and stop malware from spreading quickly.
•
The speed at which data was being stolen may have been reduced if the IT staff had taken prompt action.
Risk Assessment:
•
The virus application allowed for unauthorized access, exposing and erasing the organization's data. •
Unauthorized access to the organization's emails was also made possible by this incident.
•
The organization's reputation will be harmed by this breach. The public will likewise become less trusting. This malware attack resulted in a substantial loss of sensitive data.
Legal Accountabil
ity
Legal Aspects and Internal Responsibility:
•
The individual accountable for the cyberattack and drug sales will face charges.
•
A search warrant must be obtained to gather digital evidence against the employee.
•
The length of the employee's sentence, if found guilty, will depend on how serious the cyberattack was.
•
Extended jail time and penalties may be imposed as punishment, contingent on the seriousness of the offense.
•
The Wellness Health Group's IT department may face consequences for the hack since they lacked security measures to guard private information.
•
Clients may sue The Wellness Health Group for failing to protect sensitive information, and they may also be charged for the financial losses incurred by clients and consumers.
5
Legal Accountabilit
y
Continued
External legal considerations:
•
If the Wellness Health Group failed to notify the appropriate authorities of the cyberattack promptly, they may be prosecuted. •
The Wellness Health Group may face legal action for settling the ransom that the Russian cybergang requested in exchange for the decryption key.
•
"Governments, supported by legislation, have united in their stance against paying ransomware. According to a 2020 decision by the Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC) of the U.S. Department of Treasury, the majority of ransom payments are unlawful (Acronis, 2022).
6
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Recommendation
s
7
Recommendations for response and prosecution:
•
Informing informal clients of a data breach is legally required by the Wellness Health Group (Goldsmith et al., 2020). The security team and IT department must look into the circumstances behind this cyberattack. They must ascertain how they got into the system and what has to be done to defend against such attacks in the future. •
A Data Protection Officer should be employed by the company to supervise and coordinate with authorities as needed. A DPO ought to be present when handling a significant amount of personal data (Lord, 2022).
•
According to Wills (2019), "The absence of an incident response plan or its improper implementation by an organization may result in severe legal consequences.". The company should seek advice from data protection lawyers in addition to engaging a DPO to assist with creating a "security incident response strategy." This would prevent any legal issues in the future
.
Recommendation
s
8
Justification for recommended actions:
•
If another breach occurs, data recovery and system reset should be prepared and accessible to minimize business impact.
•
To assist in creating a press release informing the public about the breach and the actions being taken to address it, the company should get in touch with their public relations department.
•
To assist in resolving any legal concerns that may develop as a result of the breach, a DPO and legal advice should be available. They ought to be knowledgeable about protecting privacy and data (Lord, 2022).
•
A staff that is solely responsible for informing clients should be established to respond quickly.
Conclusion
9
Lessons Learned:
•
The company should improve its network to stop viruses and malware from spreading quickly to defend against any future attacks.
•
Employees shouldn't be granted access that gives them complete control over the system by the corporation. This is something that should only be distributed to IT department employees.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Conclusion
10
Next Steps:
•
Background checks should be performed before hiring new staff to make sure they are qualified for the position.
•
Every month or every quarter, the company ought to create a backup copy of any sensitive information. This will reduce the amount of time it would take to "ransom" data in the event of another assault.
•
It is important to train the IT department on how to respond quickly to a cyberattack. To stop future assaults, the IT department should instruct all other staff members on how to spot a malware attack.
References
11
Acronis (2022, May 24) The Legal Implications of Paying Ransomware Demands: The Evolving State of Ransomware. https://www.acronis.com/en-us/blog/posts/the-legal-implications-of-pa
ying- ransomware-demands-the-evolving-state-of-ransomware/
Goldsmith, J., Standish, D., & Temkin, B., (2020, Nov. 9) When Should Law Firms Notify Clients About Data Breaches? https://www.americanbar.org/groups/business_law/publications/blt/202
0/11/data- breaches/
Lord, N., (2022, Dec. 28) What is a Data Protection Officer? https://digitalguardian.com/blog/what-data-protection-officer-dpo-lear
n-about-new-role-required-gdpr-compliance
Powered by TCPDF (www.tcpdf.org)
SNHU. (2021, November 3). Ransomware Scenario Overview[Video]. YouTube. https://www.youtube.com/watch?v=p6yOKeJq4gM&ab_channel=SNH
UMedia