Midterm Essay

Authentication is the act or process of confirming that something (or someone) is who it claims
to be. The part that is identified is called a tester. The party that verifies the identity is called the
"Verifier". It is common for the tester to be a user who wants to access certain resources and the
Verifier is a system that protects access to those resources and has to verify that the user who accesses
is a user who has permissions to access those resources. In order to have authentication it is necessary,
as a precondition, the existence of identified identities in such a way that their identification is allowed.

How did the attackers evade the user authentication layer? An attacker gains access to a device,
service or server with the privileges of an authorized user by evading or the authentication mechanism.
At this moment the attacker is able to access the protected data without facing authentication process.
This means the attacker uses a shortcut, because the attacker never goes through the security
checkpoints. This is the result of the person doing the attack using a different access procedure that
does not go through the proper checkpoints where authentication should occur. In this case the
attackers used a virus to evade the authentication process in this case a trojan horse virus.

A Trojan or Trojan horse is a type of malware that is often camouflaged as legitimate software,
in this case camouflaged as a pdf file. The most popular way to deliver this virus is through phishing
emails or files. The attachment and the link provided might look like a normal file, but it really contains a
Trojan horse. Clicking on the file installs automatically the virus before the user can even notice. Once a
Trojan horse is installed many things can occur, for example, data deletion, data lock, data modification
and Interruption of the performance of computers or computer networks.

How did the attackers know the schedule of the transactions? The attackers knew the
transaction was scheduled for every last Friday of every month because of one of the many functions of
the Trojan horse. Once the Trojan is installed, the virus can record everything the victim types and sends
it back to the hacker. Using this feature is how hackers obtained passwords, sensitive information and
the dates of transactions as well. Because of the information given, we can conclude that the hackers
used two types of Trojans, Backdoor Trojan and Banker Trojan. The first one designed to provide remote
control of the infected computer to cyber criminals. These Trojans allow cyber criminals to do
everything they want on the infected computer, such as send, receive, start and delete files, display data
and restart the computer. Backdoor Trojans are often used to link a set of infected computers to form a
botnet or zombie network that can be used for criminal purposes. The second one designed to steal
your bank details from online banking systems, electronic payment systems and debit or credit cards.

Did the attackers target the bank’s databases? The attackers did not focus on the bank
databases at first. Their main target was to monitor and analyze the way the bank was doing the
transactions, the dates, times and who was doing those transactions. Once they gathered all that
information, they moved to the next step which was to access the databases and steal all the money
they could by transferring it to a foreign bank.

How do you prevent this attack? To prevent this attack from happening the best thing to do is to
install a powerful anti-malware software, this will prevent Trojans to execute and will notice the person
about it instantly. Trojans are called that because they need your permission to run on the computer,
and they get it if you run the program yourself or if you open a document or image that runs the
program, another way to stop this from happening is to never open a suspicious file. To keep your
Internet connection as secure as possible, always use a firewall. Both software and hardware firewalls
are excellent when it comes to controlling malicious Internet traffic and can often prevent downloading
Trojans to your computer. Focus more on specified cyber security training, letting people know that a
hacker attack can occur anytime and that hackers are anywhere, with that mentality employees will be
more aware and to double check all security processes. And finally, but not less important is to have a
well-designed team of workers. Sometimes is more beneficial to have a small team that care about each
other than thousands of employees that don’t know their names, because in a small team people
develop affection between each other so that each member of the team become important and the
other members care to much about them to the point they deserve the best for the team-mates and
this benefits the company.