Cybercrime, Deviance and Virtual Society

In recent years, there have been a massive number of hacks and cyberattacks affecting sensitive personal data stored online. Most of these operate as mass data breaches, where attackers exfiltrate sensitive customer data so that it can be sold and used to engage in fraud. At the same time, we have seen the growth of ransomware attacks, which produce functional damage to data and loss of services. In this paper, you are being asked to conduct research on the ransomware attack against the Lansing Board of Water and Light (BWL). Find as much media reporting as you can on the incident and answer the following questions:

  1. How did the infection occur? To the extent that you can find specifics, try to detail the likely path that led the malware payload to be executed.
  2. What did the ransomware do to BWL systems and personal data? Be as specific as you can in terms of the harms to the organization and to customers.
  3. What did BWL do to make individual victims whole, and how did BWL resolve the attack internally? Were the attackers paid, were they able to mitigate the infection without paying? What was the total cost?
  4. What does this incident tell us about the real threat of data breaches and economically motivated cybercrime?
  5. Based on what you can find about the incident in total, does this attack likely stem from nation-state sponsored attackers or financially motivated criminals? Explain your rationale using information from both the reporting you found and your readings/materials for the semester.

Sample Solution

     

The ransomware attack against the Lansing Board of Water and Light (BWL) occurred on April 25, 2016. The infection is believed to have occurred through a phishing email that was opened by an employee. The email contained a malicious attachment that, when opened, installed ransomware on the employee's computer. The ransomware then spread to other computers on the BWL network.

Specifics of the likely path that led the malware payload to be executed:

  1. An employee of BWL receives an email that appears to be from a legitimate source, such as a coworker or a vendor.
  2. The email contains an attachment, such as a PDF file or a Word document.
  3. The employee opens the attachment, which launches the ransomware.
  4. The ransomware encrypts files on the computer, preventing access to them.
  5. The ransomware displays a message demanding a ransom payment in exchange for the decryption key.

Question 2: What did the ransomware do to BWL systems and personal data? Be as specific as you can in terms of the harms to the organization and to customers.

The ransomware attack caused significant disruption to BWL operations. The utility's accounting and email systems were shut down, and phone lines were also affected. Customers were unable to make payments or report problems. The attack also raised concerns about the security of customer data.

Specific harms to the organization:

  • Disruption to operations, including accounting, email, and phone service
  • Loss of productivity
  • Damage to reputation
  • Financial costs associated with responding to the attack and recovering from it

Specific harms to customers:

  • Inability to make payments or report problems
  • Concerns about the security of personal data

Question 3: What did BWL do to make individual victims whole, and how did BWL resolve the attack internally? Were the attackers paid, were they able to mitigate the infection without paying? What was the total cost?

BWL did not pay the ransom. The utility was able to mitigate the infection and restore its systems without paying. However, the attack did have significant financial costs for BWL. The estimated cost of the response and recovery effort was $2 million.

BWL did not provide any information about how it made individual victims whole. However, it is likely that the utility took steps to help customers who were unable to make payments or report problems due to the attack.

Question 4: What does this incident tell us about the real threat of data breaches and economically motivated cybercrime?

The ransomware attack against BWL highlights the real threat of data breaches and economically motivated cybercrime. Attackers are increasingly targeting organizations of all sizes, and they are using a variety of methods to gain access to systems and data.

Data breaches can have a significant impact on organizations and individuals. Organizations can suffer financial losses, reputational damage, and regulatory scrutiny. Individuals can suffer financial losses, identity theft, and other forms of harm.

Question 5: Based on what you can find about the incident in total, does this attack likely stem from nation-state sponsored attackers or financially motivated criminals? Explain your rationale using information from both the reporting you found and your readings/materials for the semester.

Based on the available information, it is likely that the ransomware attack against BWL was perpetrated by financially motivated criminals. The attackers used a common method of attack, phishing, and they demanded a ransom payment in exchange for the decryption key.

Nation-state sponsored attackers are typically more interested in stealing data or disrupting operations than in demanding ransom payments. However, it is possible that a nation-state sponsored attacker could use ransomware as a cover for a more sophisticated attack.

Rationale:

  • The attackers used a common method of attack, phishing.
  • The attackers demanded a ransom payment in exchange for the decryption key.
  • Nation-state sponsored attackers are typically more interested in stealing data or disrupting operations than in demanding ransom payments.

Conclusion

The ransomware attack against BWL is a reminder of the real threat of data breaches and economically motivated cybercrime. Organizations and individuals need to take steps to protect themselves from these threats. Organizations can implement security measures such as firewalls, intrusion detection systems, and employee training. Individuals can use strong passwords, be careful about what links they click on, and be wary of phishing emails.
