Preparation & handling data against a hacker


In a case study, bank customers had their accounts hacked because the customers (accidentally) installed Trojans because of fake emails they received (spear phishing).
As a lawyer, what information would you want from the security team?

Apr 26th, 2015

As a lawyer, I would want evidence of those emails--what website they went to, etcetera. I would also request information on the encryption process of passwords and firewalls to show the defenses the bank had in place. It would also be useful to demonstrate how quickly the intrusion was detected and by whom. Activity logs of data showing what packets were sent and to what IPs would potentially be helpful in limiting the damages and tracking down the hacker. 

Apr 26th, 2015

This is what I have so far:


  • Temp file of document on hacker's hard drive
  • Document sent through the email server
  • IP transmission of packets from the sender, through the nodes, and to the receiver
  • IP transmission (through a proxy) from the hacker to the bank creating bank accounts
  • Frozen RAM with associated tasks running
  • Hard drive tools associated with hacker tools
  • Sandboxed trojan found on hard drive


  • Trojan found installed with the same application data as found on the hacker's computer
  • Emails found on the hard drive and recipient's email server
  • Matching email header details from the hacker's email server
  • IP of the recipient from the email server
  • Matching packet data from sender to recipient
  • Fraudulent activities on the victim's account
  • Several wire transfers going outside of several states and to foreign countries.

Would that be enough to finish a case?

Apr 26th, 2015

Yes, and I would advise making a forensic copy of the bank system from the time of the fraud/discovery to prevent accusations of data tampering; also, if it were at all possible to have proof that the hacker not only received the money, but spent it, your case would be strengthened even more. 

Apr 26th, 2015
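The forensic copy advised in the last answer, as an added example that is not part of the original thread: the copy is hashed as it is taken, and the recorded hash is what later shows the evidence was not altered. The file names, the `examiner-01` label and the sample data are constructed for illustration, and a small file stands in for the bank system's disk.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB pieces so a large image need not fit in RAM


def sha256_file(path):
    """Return the SHA-256 hex digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def acquire(source, image, examiner):
    """Copy source to image, hashing the bytes as read, and return a custody record."""
    h = hashlib.sha256()
    # Mode "xb" refuses to overwrite an existing image file.
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            h.update(block)
            dst.write(block)
    return {
        "image": image,
        "examiner": examiner,
        "acquired_utc": datetime.now(timezone.utc).isoformat(),
        "sha256_source": h.hexdigest(),       # what was read from the original
        "sha256_image": sha256_file(image),   # what actually landed on disk
    }


def verify(record):
    """True only if the image still matches both hashes recorded at acquisition."""
    return sha256_file(record["image"]) == record["sha256_source"] == record["sha256_image"]


def demo():
    """Constructed sample: acquire a small file, verify it, then alter one byte."""
    workdir = tempfile.mkdtemp()
    source = os.path.join(workdir, "bank_disk.bin")  # hypothetical name
    with open(source, "wb") as f:
        f.write(b"constructed sample transaction log\n" * 1000)
    record = acquire(source, os.path.join(workdir, "bank_disk.img"), "examiner-01")
    intact = verify(record)
    with open(record["image"], "r+b") as f:  # simulate a later alteration
        f.write(b"X")
    return intact, verify(record)
```

Calling `demo()` returns the verification result before and after the simulated alteration.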
