Introduction
Lateral movement. It takes place once FIN6 has successfully conducted internal reconnaissance with the aid of a Windows batch file that leverages AdFind to query Active Directory and 7-Zip to compress the results for exfiltration. The results include computers, subnets, groups, trusts, and Active Directory clients.
Maintain presence. Within two hours of the initial detection, the system can be contained with the help of FireEye Endpoint Security. Through this containment, the attacker is denied access to the systems, and significant forensic evidence remains intact for analysis. Given Managed Defense's containment and rapid response, FIN6 will not be able to maintain access and achieve its target as planned. Across different Mandiant incident response investigations, FireEye has observed FIN6 using procedures, tools, and tactics similar to those it used to keep its foothold during the initial stages.
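The reconnaissance pattern described above (repeated directory queries from a batch file, followed by 7-Zip compression of the output) can be turned into a simple correlation rule. The following is an added example, not taken from the FireEye report or from the original essay; the event format, host names, paths, and the 30-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta
import ntpath
import shlex

# Constructed process-creation events: (timestamp, host, command line).
EVENTS = [
    ("2019-03-01T10:00:01", "WS01", r"C:\Temp\adfind.exe -f objectcategory=computer"),
    ("2019-03-01T10:00:03", "WS01", r"C:\Temp\adfind.exe -f objectcategory=group"),
    ("2019-03-01T10:00:05", "WS01", r"C:\Temp\adfind.exe -sc trustdmp"),
    ("2019-03-01T10:01:00", "WS01", r"C:\Temp\7z.exe a C:\Temp\ad.7z C:\Temp\*.txt"),
    ("2019-03-01T11:00:00", "WS02", r'"C:\Program Files\7-Zip\7z.exe" a D:\backup.7z D:\docs'),
    ("2019-03-01T12:00:00", "WS03", r"C:\Tools\adfind.exe -f objectcategory=computer"),
    ("2019-03-01T12:05:00", "WS03", r"C:\Tools\7z.exe x C:\Tools\pkg.7z"),
]

WINDOW = timedelta(minutes=30)                # assumed correlation window
ARCHIVERS = {"7z.exe", "7za.exe", "7zr.exe"}  # 7-Zip command-line binaries


def image_and_args(cmdline):
    """Split a Windows command line into (lower-cased image name, arguments)."""
    parts = shlex.split(cmdline, posix=False)  # non-POSIX mode keeps backslashes
    image = ntpath.basename(parts[0].strip('"')).lower()
    return image, [p.lower() for p in parts[1:]]


def detect(events, min_queries=2):
    """Alert when a host creates a 7-Zip archive shortly after repeated AdFind runs.

    Matching on the image name misses renamed binaries; a production rule
    would also check file hashes or the PE original-filename field.
    """
    recon = {}   # host -> times of AdFind executions seen so far
    alerts = []
    for ts, host, cmdline in sorted(events):
        when = datetime.fromisoformat(ts)
        image, args = image_and_args(cmdline)
        if image == "adfind.exe":
            recon.setdefault(host, []).append(when)
        elif image in ARCHIVERS and args[:1] == ["a"]:   # "a" = add to archive
            recent = [t for t in recon.get(host, []) if when - t <= WINDOW]
            if len(recent) >= min_queries:
                alerts.append((host, len(recent), args[1] if len(args) > 1 else ""))
    return alerts


if __name__ == "__main__":
    for host, queries, archive in detect(EVENTS):
        print(f"{host}: {queries} AdFind runs followed by archive {archive}")
```

Only WS01 is flagged: WS02 archives without prior directory queries, and WS03 runs a single query followed by an extraction rather than an archive creation.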
Complete Mission
FIN6 moves laterally to servers in the new environment using RDP and tries to configure them as transfer servers for malware, which are used to stage additional utilities, the LockerGoga ransomware, and scripts that deploy automatically and rename the files. To ensure a high success rate, the domain administrator must have complete control of the Windows systems. The ransomware uses a collection of symmetric keys to encrypt files on the central host computer. Ransom notes are then left in the root directory and transferred to the desktop directory.
In 2015, it was reported that FIN6 worked hand in hand with numerous companies and made payments for its own benefit. That information in turn enabled the delivery of a second threat, the Trinity malware, set to invade and gain control over PoS terminals, to which the criminals could repeatedly return at regular intervals to collect the targeted data from infected systems, compress the information in a ZIP file, and send it through an intermediary host to command and control servers. From there FIN6 uploads the data to be sold electronically on Dark Web "card shops", where it can be turned into millions in a single haul, some $400 million in a single job that gathered data on fully $20,000 credit cards. This report testifies to the value of tracing the steps of cybercriminals to learn their ways from failures of cybersecurity.[1]
Tom Grubb [2] gives five reasons for the great appeal of this kind of crime, and some suggestions as to how criminals are uncovered. For one thing, a criminal needs few tools beyond a computer and an internet connection from anywhere in the world. There is a low risk of being caught, given all the opportunities for mischief that the internet offers. The globalization of technology means that criminals can operate 24/7. Above all, the criminals are veiled and can work behind the screen unless they leave a calling card, say an IP address, by which they may be traced; but computer systems are vulnerable and online criminals skillful. The sending of phishing e-mails with malicious attachments to retrieve files through the back door will grow ever more sophisticated, making the task and responsibilities of cybersecurity experts very great indeed.
A recent police report makes clear how very much the Internet has changed the nature of crime, when even the most traditional of crimes now take place through information systems and advanced technology devices. Police agencies hasten to keep up with sins of a kind they never previously had to deal with, such as cyber terrorism, child pornography, selling drugs and sex trafficking, all types of fraud from fake lotteries through stock swindles and money laundering, stalking, and bullying. There are all too many areas where criminals are ahead of police agencies relying on dated methods. Crime, like technology, changes over time, and in a society in which new technical tools and systems are made available, information can be readily turned into gold, as cybercriminals make clear. [3]
Well-motivated offenders who are familiar with computer technology find plentiful targets for victimization in a global population of internet users, and have both the motivation and the opportunity to find victims. Though cybercrime continues to grow at alarming speed by all accounts, hard data is scarce, and professionals working to understand such crimes are still working out how to guide those in these fields, since accumulating data is difficult. There is also a grave conflict of interest when data on security breaches is gathered by organizations, big corporations, and banks that have an incentive to underreport for fear of losing reputation, customers, and market share. In sum, information on cybercrime is needed to build reliability and validity of data into a scholarly area that is of necessity of recent origin, caught up in constant change, yet charged with formulating policy and intervention strategies. In a field where we know too little about the criminals and their networks, it may be up to cybersecurity experts to continually share information to fulfill our obligation: to teach Internet users how to protect themselves and their loved ones from Internet-based crimes that can potentially turn any individual or organization into a victim.
We have learned that threat groups take remarkably similar steps as their operational strategy. These steps have been identified from initial intrusion to establishing command and control, isolating the part of the system from which valuable data could be extracted, and even returning over months to complete the task, from the initial compromise to the point when data is obtained through a back door. But there is a great unknown, and we know all too little about the skills of the criminals, their training, motivation, and systems of global organization. We may need to dig deeper into the so-called Attack Life Cycle to find the nature of the person underlying the action.
The Annual Report of the Internet Watch Society for 2017, issued in 2018, makes for bleak reading indeed. Every 7 minutes a web page appears showing the abuse of a child. Over a 100,00 reports came from the public, demonstrating an increasing awareness of at least one kind of online criminal activity, with 55% of the victims younger than 10 and 2% younger than two years of age.[4] Obviously, for cybercrime in this area an accurate profile is possible, but in such areas as identity theft, credit card fraud, stealing personal data, corporate data breach, cyberbullying, cyber terrorism, and real estate scams, we are in quite different territory, ranging from ideological to financial motivation, with expressions of a psychological nature, and taking the most various forms, from one person to significant political, social, or gangster organizations. There needs to be some kind of ordering of each manifestation, and a way each might be studied for its variation, not just its commonality.
On May 7, 2018, the Internet Crime Complaint Center (IC3) released the Internet Crime Report compiled from complaints in 2017, with an astonishing total of 301,580 claims at a cost of $1.4 billion. Non-payment/non-delivery, personal data breach, and phishing for business e-mail compromise, ransomware, tech support fraud, and extortion led the list of crimes. The FBI is increasing public awareness and trying to combat cybercrime by improving our understanding of it. Encouraging victims to report Internet crime through the IC3, or through similar organizations that could be built, could channel complaints, alerting law enforcement to the activity and aiding in the fight against cybercriminals by shedding more light on them.
Cybercrime will inevitably increase in sophistication and volume in 2019, with artificial intelligence and machine learning opening new fields for exploitation. There is a great deal of catching up to do.
Conclusion
Proper maintenance of clients' information is vital to any organization or institution; hence a good security intelligence mechanism should be put in place. Information about FIN6 is critical for dealing with the illegal activities of cybercrime, which has established its roots in both developing and developed nations. Every individual in any organization should be enlightened about the tricks and tactics hackers use to gather primary data before they launch their malicious activities.
References
FireEye Threat Intelligence. Follow the Money: Dissecting the Operations of Cybercrime. April 20, 2016. Available from https://www.fireeye.com. Retrieved March 20, 2019.
Tom Grubb. The Five A's that Make Cybercrime so Attractive. April 26, 2010. Security Week. Retrieved from https://www.securityweek.com/five-a's-make-cybercrime-so-attractive
Police Executive Research Forum. The Changing Nature of Crime and Criminal Investigations. Critical Issues in Policing Series. January 2018. Available from https://www.policeforum.org/assets/ChangingNatureofCrime.pdf
Annual Report. Internet Watch Foundation. Available from https://www.iwf.org.uk/assets/media/annual-reports/Internet%20Watch%20Foundation%20Annual%20Report%202010%20web.pdf. Retrieved March 20, 2019.
FBI. The IC3 Internet Crime Report and Calls for Increased Public Awareness. Available from www.fbi.gov. Retrieved March 20, 2019.
Cite this page
Essay Sample on FIN6. (2022, Dec 19). Retrieved from https://proessays.net/essays/essay-sample-on-fin6