Tft2 Task 4

Submitted By statik1983
Words 3994
Pages 16
TFT2 Cyber Law Task 4
Jordan Dombrowski
Western Governors University

Situation Report
It has come to my attention from the security analysts of VL Bank and victims that commercial customers of VL Bank have been involved in identity theft and fraud. Multiple user accounts were created without authorization claiming the identity of our customers. These fake accounts were used to make twenty-nine transfers of $10,000 each, equaling $290,000. The bank transfers were being sent to several U.S. bank accounts of unknown individuals. The U.S. banks involved in the transfers were Bank A in California, Bank B in New York, Bank C in Texas, and Bank D in Florida. After the funds were transferred to one of these banks, the funds were automatically transferred to several international bank accounts located in Romania, Thailand, Moldavia, and China. After further analysis, we discovered that the bank’s affected customers all used computers infected with a keystroke logger virus that collected usernames, passwords, account numbers, personal identification numbers, URL addresses, and digital certificates. The computers infected did not have an anti-virus or security software of any type installed. Additionally, these customers have reported that they have been frequently experiencing spear phishing attacks, which is most likely the way that the keylogging virus software was installed. Finally, we concluded that our bank’s systems have not been breached and no customer data has been stolen except for the few business customers whose personal business computers were compromised. Aside from the customer, the only other individual who has copies of the digital certificates used by the customers, as well as account access, is the VL Bank’s account manager. As quoted from Steven Cox the CEO of the Better Business Bureau “business identity theft is a very real concern in today’s…...

Similar Documents

Premium Essay

Tft2 Task 4

...TFT2 Task 4 As the chief information security officer for VL Bank, we were notified by several of our commercial customers of unauthorized wire transfers in an amount greater than $290,000. This is very concerning since we take pride in our information security. As soon as we were notified of the fraudulent transactions my security team, along with the network engineers, performed a thorough investigation of how such an attack had occurred. Once we were able to view all logs and audit data it came to our attention that the data did not appear to be stolen from our network. All transactions performed were done so with the appropriate credentials. Once we determined that the data breach did not occur on our network we worked with the customers to check their personal computers. We discovered that all the information was gathered from the customers with a key-logging virus that collected the usernames, account numbers, passwords, personal identification numbers, URL addresses, and digital certificates used to access the VL Bank online banking site. Further investigation showed that there was not adequate virus protection on these PCs. The key-logging virus originated from a phishing email impersonating VL Bank and asking the customer to load the latest security software to protect from identity theft. The customers reported the fund transfer immediately (within 48 hours) and they are protected under the Electronic Fund Transfer Act (EFTA). This states that as long as the...

Words: 1403 - Pages: 6

Premium Essay

Tft2 Task 2

...handled by a case-by-case basis, and reviewed by the Security and Information Technology Committee.   4. Governing Standards   Asset Inventory Control (ISO 27002:2005, 7.1.1) (NIST, 164.312(a)(1)) Protection from Malicious Software (NIST, 164.308(a)(5)(ii)(b)) User Authentication for External Connections (ISO 27002:2005, 11.4.2) Isolation for Sensitive Systems (ISO 27002:2005, 11.6.2) Acceptable use of assets (ISO 27002:2005, 7.1.1)   New Application Deployment and Testing Procedure   1. Purpose   This policy defines standards for new application testing and deployment. These standards are designed to ensure that new applications and services are properly hardened, and all test data and accounts removed before placing into production.   2. Scope   This policy applies to all applications that connect to and/or get installed on any asset that is managed by hospital IT. This policy includes all web applications, database connectors, desktop software, and server application services.   3. Policy   General   1. All default user accounts will be removed or renamed before being placed into production. 2. All default passwords will be changed to comply with the hospital's Password Policy 3. If the application offers any Single-Sign-On options that connect to existing authentication services, this will be configured and preferred over any other password mechanism. 4. All configuration directories and data stores will be encrypted. 5. If automated......

Words: 1416 - Pages: 6

Premium Essay

Task 4

...Task 4 Sarah Phillips Willow Bend Hospital’s compliance does indeed have multiple deficiencies and is in need of review as many were updated in 2009 and 2010. All information on deficiencies would be found on the latest updated version of the Joint Commission Information Standards. This should be located within the Corporate Compliance/Risk Manager’s office. As this information is not currently available to this writer without a subscription and fee, I must use the information available to me. So expansion and explanation of policy details are limited. In 2010, the policy addressing terminology and abbreviations was integrated into the Information Management standards as elements of performance 2 and 3 under IM.02.02.0 by Joint Commission. The hospital administration or HIM administration should have a committee to ensure the terminology and abbreviations are updated and distributed to all clinical areas, are posted within the electronic record system, and performed within specific time frames. The policy for addressing backup of electronic information systems can be found in Standard IM.01.01.03. The policy for managing interruptions to information processes is located within this Standard. This standard should be in the HIM department’s policy as well as IT department. The Medical Records Manager and IT Manager should maintain communication as to backups, updates, and scheduled downtime. IT will ensure all hospital employees’ awareness of any......

Words: 808 - Pages: 4

Premium Essay

Tft2 Task 1

...department. All computers have disabled USB ports for security reasons. In order to maintain compliance with Heart-Healthy Insurance, the Gramm-Leach-Bliley Act (GLBA), and the PCI-DSS, the following procedures for new users are in effect: 1. New user accounts are set up and log in information is sent to their email. 2. New users are assigned a temporary password that must be changed within 48 hours. 3. Users are not allowed to share log in information 4. Users must log out of their workstation before leaving the computer. 5. Teleworking (working from home) is not allowed. 6. Accounts from users who are on vacation or medical leave will be disabled. 7. Accounts from users who have been terminated or are no longer with the company are disabled or removed immediately (ISO, 2013). 8. PASSWORD REQUIREMENTS In order to maintain the required security, passwords must: 1. Be a minimum of eight characters long, 2. Have upper and lower case letters, 3. A number 4. A special symbol 5. Must not have repetitive numbers or letters Passwords are changed every 30 days and password reuse is not allowed for the previous six passwords used. Password sharing is not allowed on computers that can access or have patient information on them. Three log in attempts are allowed, if the log in has failed after three attempts, the user account is locked for fifteen minutes before the password can be reset. REFERENCES International......

Words: 496 - Pages: 2

Premium Essay

Tft2 Task 4

...separate location which help the customer to eliminate the duplication and also to help them to achieve the better economies of scales and open the new businesses the various location. For consolidation of Datanal software, the organization will need them to establish the Access control list and create the new user policies which will be providing the authorization to authenticate the network process and resources to use. Because of the third party verification, user will be getting the data more confidential and integrative along with the current industry standards, so the software Datanal will ensure the information security with the certain improvement by the compliance of International Trade agreement and Federal patient laws. Section 4 Statement of Intent Modifications: In the recent years, organization can benefit through the best and modern IT related techniques which may provide the opportunities and higher productivity and greater customer satisfaction, So the small firms can also use the full potential by the highly skilled technical knowledge which is available by such modern techniques. Thus IT security Management processes is quite helpful in protecting the Finman’s data and resources. Recommendation for Sharing, Retention And Destruction Of Finman’s Corporate Data By Datanal And Minertek: There are best practices that are developed by information security managements (ISM) which are built on the ISO 27000 series of standards. It gives the four approaches ......

Words: 758 - Pages: 4

Free Essay

Tft2 Task 4

...the case: 1. The $10,000 individual transfers are going to several U.S. bank accounts of individuals before being automatically transferred to several international bank accounts located in Romania, Thailand, Moldavia, and China. 2. The bank’s affected customers all used computers infected with a keystroke logger virus that collected usernames, passwords, account numbers, personal identification numbers, URL addresses, and digital certificates. These computers did not have antivirus or security software installed. 3. The bank’s customers are frequently experiencing what is known as spear phishing attacks against them, which are fake e-mails that resemble normal business e-mail messages to customers, but contain the keystroke logging virus. 4. The bank’s systems have not been breached and no customer data has been stolen except for the few business customers whose personal business computers were compromised. 5. The U.S. banks that received fraudulent funds transfers are located in four other U.S. states in addition to VL Bank in Georgia. They are Bank A in California, Bank B in New York, Bank C in Texas, and Bank D in Florida. 6. VL Bank’s account manager responsible for these affected customers has access to copies of the digital certificates used by the customers as well as account access. ...

Words: 405 - Pages: 2

Premium Essay

Tft2 Task 1

...must include a brief statement as to why this user needs an elevated level of access. In addition to these changes if a user’s status changes, i.e. they are terminated or voluntarily leave the company, they will be immediately removed from the authorized users database. Password Policy The new policy that will be put in place for all passwords, including existing passwords, will be as follows: * Cannot contain username * Must contain 3 uppercase letters * Must contain 3 lowercase letters * Must contain 3 numbers * Must contain 3 special characters * Must be changed every 90 days * May not be repeated until 6 other passwords have been used * May not be changed more frequently than every 14 days * After 4 unsuccessful login attempts the user will be locked out for 30 minutes * After 15 minutes of idle time, the user will be required to re-enter their credentials * The use of shared passwords on any system is strictly forbidden The changes that have been made to these two policies are to ensure we are compliant with HIPAA, GLBA, and PCI-DSS. The proposed new user policy will be in line with the guidelines set forth in the HIPAA and GLBA regulations, and also fulfills the requirements of sections 8.5.1 – 8.5.8 of PCI-DSS. The previous version of this policy did not explicitly explain the use of least privilege or what is required when a user’s access level needs to be increased. With this new policy will not only be......

Words: 598 - Pages: 3

Premium Essay

Tft2 Task 1

...Customer Service officer | * | * | | * | Cashiers/Agents | * | * | | * | Marketing | * | * | * | | 1. Access control policy: Who has access to authorized system for business applications? Users will be authorized to use only the systems that pertain to their roles. 2. User access: Employees are granted information access through passwords and RSA tokens. Users with appropriate authorization through authentications will be able to access position related materials. Users will be given unique IDs to access HHI’s computer systems. 3. User responsibilities: Through training users are educated and made aware of access responsibilities. Users will not share sensitive information from HHI. 4. Network access: Access to the network will be set on roles and responsibilities of the position that is acquired. No access is granted unless authorized. 5. Remote access: Will be encrypted and have limited access to sensitive information. This access will be granted by role based positions and will monitor inbound and outbound data. 6. Application access: Users with authorized access to programs for financial transactions will be trained for compliance to PCI DSS standards Compliance requirements for PCI DSS * A secure network must be built and maintained by installing a firewall with the configuration that is necessary to protect cardholder data and customer personal information * When card data is......

Words: 932 - Pages: 4

Premium Essay

Tft2 Task 4

...TFT2 Task 4 As the chief information security officer for VL Bank, we were notified by several of our commercial customers of unauthorized wire transfers in an amount greater than $290,000. This is very concerning since we take pride in our information security. As soon as we were notified of the fraudulent transactions my security team, along with the network engineers, performed a thorough investigation of how such an attack had occurred. Once we were able to view all logs and audit data it came to our attention that the data did not appear to be stolen from our network. All transactions performed were done so with the appropriate credentials. Once we determined that the data breach did not occur on our network we worked with the customers to check their personal computers. We discovered that all the information was gathered from the customers with a key-logging virus that collected the usernames, account numbers, passwords, personal identification numbers, URL addresses, and digital certificates used to access the VL Bank online banking site. Further investigation showed that there was not adequate virus protection on these PCs. The key-logging virus originated from a phishing email impersonating VL Bank and asking the customer to load the latest security software to protect from identity theft. The customers reported the fund transfer immediately (within 48 hours) and they are protected under the Electronic Fund...

Words: 1413 - Pages: 6

Free Essay

Cyberlaw Tft2 Task 2

...needed. A manager’s approval is required to grant administrator level access.” There are procedures for creating new user account profiles. HIPAA requires that an Information Security Officer (ISO) must be assigned to the network account profiles. This appointed person(s) is usually the network or system security administrator of the organization. Once this role is assigned, the security administrator can create network profiles and assign the new user to such specified profile. The network profiles are implemented in accordance with least privilege access. This means that data intended for use will only be available to the specified profile. This method protects the privacy of the data during transmission. This process complies with the 4 standard Federal regulatory requirements stated in this policy: FISMA, HIPAA/HITECH, GLBA, and PCI-DSS. Once the network account profiles are created, a new user is created and assigned. To implement a strong access control measure, a unique user identifier must be assigned to the new user account. Before the new user account is activated, the network or security administrator will need to validate the identity of the person receiving the new user account. Individuals should allow anyone to use his or her account. This process complies with the PCI-DSS standard. Proper training will need to be implemented for the individual receiving the new user account. This is done to ensure the awareness of the CIA triad and potential security risks....

Words: 971 - Pages: 4

Premium Essay

Tft2 Task 3 V1.Docx

...Introduction A number of issues were discovered upon review of the initial Service Level Agreement (SLA) draft. A great deal of problems arose with the key clauses lacking proper definition. Other areas that need review with the SLA include adding cyber law compliance and a need for the proper documentation preparation. The recommended changes that need to be made to the initial SLA are written below in a per-clause basis. Initial SLA Clause 4, Statement of Intent The original statement of intent makes claims about leading research and knowledgeable consulting firms without listing any references. These claims need an identifiable source to be included in the finalized statement of intent. The claims suggest that utilizing the smaller firm’s specialized products is the best approach to improve Finman’s business. Basing the entire SLA upon these statements is incredibly risky if these statements cannot be sourced and assessed as factual. Finman’s corporate resources may be placed under threat of loss or destruction if these sources are not verified and the entire notion of working with Datanal and Minertek should not move forward until this happens. Finman states, in the initial SLA, that service level management (SLM) “…offers the most promising strategy for the firm…” without detailing the methodology or listing reference material. This methodology of SLM may be part of the metric clause (7). This statement needs inclusion in the final documentation if that......

Words: 2292 - Pages: 10

Free Essay

Tft2 Task 1

...technologies and defined for proper use of these technologies (PCI DSS 12.3). With this first policy an organization will prohibit or allow the usage of equipment and/or accounts depending on the individual’s permitted access. 2. Explicit approval by authorized parties (PCI DSS 12.3.1). This policy will grant specific approval by management to match the business needs. Proper approval to individual personnel will create a secured environment with critical systems. 3. Authentication for use of the technology (PCI DSS 12.3.2) Personnel will use passwords to authenticate the access they have to specific technology. This will hinder any individual who is trying to breach the environment and gain access to critical information. 4. Automatic disconnect of sessions after a specific period of inactivity (PCI-DSS 12.3.7) Users must log out if they plan to step away from their accounts and/or devices. Automatic log-off will stop any individual who is trying to gain access to the system without authorization. 5. Administer user accounts, including additions, deletions, and modifications (PCI-DSS 12.5.4) User accounts will be administered by the appropriate personnel. This responsibility will assure that any person in the organization has the correct information along with the correct access. 6. Educate personnel upon hire and at least annually (PCI-DSS 12.6.1) Security awareness will be given to each individual to assure that methods of communications and......

Words: 627 - Pages: 3

Premium Essay

Tft2 Task 2

...management is by ITIL as “Access management is the process which grants authorized users the rights to utilize the services and at the same time prevents unauthorized access. This process is also known as identity and access management (IAM) (ITIL, n.d.).” There are several topics that fall within the topic of access management lifecycle. This seven-part cycle is composed of requesting access, verification, providing rights, monitoring identity status, logging and tracking access, and removing or restricting access rights. The three most pertinent rights are monitoring identity status, logging and tracking access, and removing or restricting access right for this case in question. As per advisera.com the ITIL access management section states, “4. Monitoring identity status Working within any organization means that employees will come and go, and change functions and positions; therefore, their needs for IT services will change accordingly. Access Management should understand the lifecycle of a typical user of IT services in order to prepare and automate its own processes accordingly. “When preparing such processes, Access Management is responsible to design them in such a manner that will enable an easy change of user status, or group transfer, with a clear and recorded audit trail. 5. Logging and tracking access Ensuring that rights provided are used properly, Access Monitoring and Control must be included in monitoring activities of all Service Operation......

Words: 3049 - Pages: 13

Premium Essay

Tft2 Task 1

...Information Security New Users: New users will be added into active directory where access will be granted in accordance to the roles that the new user will be assigned (HIPAA §164.308 Administrative safeguards (4) (i) Standard: Information access management). New user roles will be determined by the position in which the user has been hired. New users will have a unique login and password for accessing computer systems (HIPAA §164.308 Administrative safeguards (3)(ii) (A) Authorization and/or supervision). User access will be on a need-to-know basis only. Any additional access will have to be approved by a senior level manager (HIPAA §164.308 Administrative safeguards (4)(i)(ii)(C) Access establishment and modification). Password Requirements: All passwords must meet or exceed the following guidelines • Contain at least 12 alphanumeric characters. • Contain both upper and lower case letters. • Contain at least two numbers. • Contain two special characters (for example, !$%^&*()_+|~-=\`{}[]:";'?,/). • Passwords cannot be found in a dictionary, including foreign languages. • Passwords will change every 60 days. Passwords should never be written down or left out in plain view. All logins and passwords will be maintained by active directory. Three incorrect password attempts will lock the user account. The account will only be unlocked by the system administrator after the identity of the user has been verified. Users should never share passwords with anyone...

Words: 293 - Pages: 2

Premium Essay

Tft2 Task 1

...CYBERLAW Introduction: Due to policy changes, personnel changes, systems changes, and audits it is often necessary to review and revise information security policies. Information security professionals are responsible for ensuring that policies are in line with current industry standards. Task: A. Develop new policy statements with two modifications for each of the following sections of the attached “Heart-Healthy Insurance Information Security Policy”: 1. New Users 2. Password Requirements B. Justify each of your modifications in parts A1 and A2 based on specific current industry standards that are applicable to the case study. C. When you use sources, include all in-text citations and references in APA format. A. Develop new policy statements with two modifications for each of the following sections of the attached “Heart-Healthy Insurance Information Security Policy”: 1. New Users: I would change the access from what is requested to what is required for the job and that both a supervisor and the employee sign the access sheet for a check and balance of rights to the system. I would also modify just needing a manager’s approval to grant administrator level access to requiring the manager’s and the IT director’s or HIPAA regulator’s approval. There needs to be a very good reason that is properly documented showing the need to allow administrative level access B. Justification of the modification. Access controls provide......

Words: 662 - Pages: 3