Home / Case Study / Key Logger Scam, Case Study Example

Key Logger Scam, Case Study Example

Pages: 3

Words: 888

Computer based crimes are on the rise. Technological advancements and automation of services has brought about numerous advantages as well as limitations. For each technology created or implemented, it appears like there is a subsequent anti-operations program that is put in place. Despite the numerous computer crimes that the society, especially the financial institutions faces, there are measures that are put in place to curb or control the rate at which these crimes are committed.

One of the possible ways to ensure that the security systems of these programs are not interfered with is through thorough review and checking before installation. Before an institution embarks on a changeover strategy, it is necessary to ensure that the program is properly checked and diagnosed for any possible leakages. Any details that might provide the key loggers with hints relating to the passwords should be altered. The system should then be properly tested to compare its safety levels with the then operating program. Full installation of the program should only follow once all the testing and debugging has been done.

The tests conducted to these systems may however reveal 100% efficiency levels, but we still end up going through the same computer crimes as before. What this implies is that there is no full guarantee that the program security is provided. To control any possible crimes related to this, there should be security systems that respond to attempted crimes in a given system or institution. The government can put in place restrictions and penalties against those found guilty of the crimes. This can be done in order to reduce the level at which the crimes are committed. Levying heavy penalties on the criminals will help control the levels of computer crimes.

The other possible measured that the financial institutions can out in place to prevent these crimes is through education and training of the personnel. Some of the crimes usually arise from the use of restricted sites by the employees.

When the employees of institutions click on certain links that are created by the criminals, there may arise a situation whereby the criminals are in a position to access the vital information of the institution. Proper training would therefore limit the possibility of being faced with such crimes.

In the London case, where the criminals attempted to transfer $420 from a London branch of Japanese bank, the technique applied was password cracking. Through the use of Key loggers the criminals were in a position to get access to some of the key passwords to the bank system. The information that was obtained from the key logger programs was used to access some of the most important and restricted data areas, including access codes that were private the banking top managerial staff. This gave the criminals directs access to the bank information that led to the attempted crime.

It is also possible that the criminals also used session hijacking through the internet to enable them get into important accounts of the bank. A combination of these two techniques must have led to successful log in to the private accounts of the bank. These are some of the top most methods that the criminals always use in accessing private information from the banks. Recent crimes related to the same have been witnesses in various regions of the world. It has still been realized that password cracking is still the main method that is usually employed.

There are numerous measures that exist in order to control cybercrimes. One of these is the use of strong passwords or user ID. This should be frequently reviewed and changed to limit the extent to which the key logger programs can access the passwords. It may be able to detect the password, but in changing this password again and again, successful hacking may be limited.

The other technique that exists in controlling computer cries is securing the system through the installation and renewal of active firewalls, anti-viruses, and blocking spyware attacks. This would also limit the extent to which the systems are secured. Other measures include being social media savvy, securing mobile devices, installing latest operating system updates, data protection, securing wireless networks, protecting the e-identity, avoiding being scammed, and calling relevant qualified persons for help. These methods could have been effective if all had been implemented in the London case, especially the one of constantly changing the access codes. The probability of getting to access the data of the bank would have been limited.

Case Study

Other than the example of the attempted London crime, it has been reported that there was recently a cyber-crime ting that targeted US bank accounts. This followed charges put against three foreigners- a Russian, a Latvian and a Romanian. They were accused of creating and distributing a computer program that infected more than 40, 000 workstations in the United States. This was aimed at stealing customers’ bank account numbers and other information. It was known as the Gozi virus led to theft of unspecified millions of dollars according to court documents. Measures put did not bear substantial success in preventing the crimes.

References

Broadhurst, R. G., & Grabosky, P. N. (2005). Cyber-crime: The challenge in Asia. Hong Kong;[Great Britain: Hong Kong University Press.

E-Week (2013). Police Foil $420 Million Keylogger Scam From http://www.eweek.com/c/a/Security/Police-Foil-420-Million-Keylogger-Scam/

Los Angel’s Crimes (2013) URL: http://articles.latimes.com/2013/jan/23/business/la-fi-mo-cybercrime-ring-targeted-us-bank-accounts-feds-say-20130123

Vaughan, D. (1985). Controlling unlawful organizational behavior: Social structure and corporate misconduct. Chicago: University of Chicago Press.