In a case study, bank customers had their accounts hacked because the customers (accidentally) installed Trojans because of fake emails they received (spear phishing). As a lawyer, what information would you want from the security team?
As a lawyer, I would want evidence of those emails--what website they went to, etcetera. I would also request information on the encryption process of passwords and firewalls to show the defenses the bank had in place. It would also be useful to demonstrate how quickly the intrusion was detected and by whom. Activity logs of data showing what packets were sent and to what IPs would potentially be helpful in limiting the damages and tracking down the hacker.
Yes, and I would advise making a forensic copy of the bank system from the time of the fraud/discovery to prevent accusations of data tampering; also, if it were at all possible to have proof that the hacker not only received the money, but spent it, your case would be strengthened even more.
Apr 26th, 2015
Are you studying on the go? Check out our FREE app and post questions on the fly!