My cyber attack would involve evil twin phishing that occurs when a threat actor sets a fake Wi-Fi access point, intending that the public will connect to it rather than the real network. The target of the attack would be anyone who connects to the network. The plan is to set up the Wi-Fi network in a public and popular space experiencing people’s traffic, such as a strip mall or a coffee shop. People must provide personal details before fully connecting and enjoying the network. The attackers receive the information and then monitor the users to learn about their bank activities or any financial aspects intending to steal money.
The cyber-attack threat actors are non-state actors. Non-state actors undertake cyber-nature actions but are not involved with a nation-state. The group falls in the non-state actor’s category of cybercrime gangs and scammers since it uses the information connected to the Wi-Fi to steal from individuals. They pretend to offer legitimate Wi-Fi network connections, but in reality, they are after the users’ personal information, which can help them steal their money (Van Wegberg et al., 2018). The threat actors are financially motivated as they aim to gain personal information that can assist them in stealing money from the users’ accounts. The group should consist of experts in Wi-Fi settings and operations responsible for setting the Wi-Fi and its operations, financial analysts responsible for analyzing the financial information received and laundering money, and software developers responsible for developing all the software requirements to see the plan through.
For better execution of the plan, the threat actors would reside both domestically and internationally. The reason for residing internationally is a defensive measure to avoid being recognized. The best international country to reside in would be the one that is an enemy of the domestic country. This way, the attackers may utilize the weaknesses brought about by the lack of unity between the two countries. Residing domestically is helpful for the operation of Wi-Fi software (Rutherford, 2018). Wi-Fi can be stronger when the network providers are close to the public place. Also, collecting personal information must be immediate to avoid piling up and causing unwanted attention. All these reasons raise the need for some actors to reside domestically to execute the plan effectively.
The target population for the attack is the general public, every person connecting to the network at a coffee shop or a strip mall. People, especially the current generation, tend to connect to public networks to read online messages from WhatsApp, E-mail, Facebook, and other social media (Rutherford, 2018). Public networks are provided as a way of customer service, such as people can enjoy online entertainment when taking a cup of coffee or in any other public space. The target population ranges from young people to old ones with gadgets that can connect to a Wi-Fi network.
The plan involves luring people to use the free Wi-Fi network; in turn, the actors access the users’ personal information. Such a plan may fall into the fraud scheme method of attack (Rutherford, 2018). Fraud scheme attacks involve an enterprise or group of people tricking others into accessing their personal information, which they later use for personal benefits and financial gain. During signing in to the network, users are supposed to provide personal details, which the actors use to monitor the users’ financial activities hence determining the effective methods and the right people to steal money from.
Communication in carrying out the attack is essential for the attackers’ anonymity and the plan’s success. The threat actors are to ensure they use very secret mediums and do not store the messages between the actors. In a platform that stores the messages, they may later be retrieved, leading to their arrest and using the messages as evidence against them. To remain anonymous and avoid capture, the actors may adopt the various black web to enhance communication (Gilmour, 2014). Such dark webs are the sites that end with ‘onion,’ which cannot be accessed by a regular browser and require special software and encryption. The actors also develop untraceable banners that they can use when on the ground, updated daily to avoid tracing from other actors such as governments and private organizations.
The attack is only partially successful if the money stolen from the users has yet to be laundered into legitimate accounts. Here is where the financial experts’ abilities are tested. They are responsible for determining weaknesses in the financial system that the attackers can use to cash out after the large heist. The intention is to use untraceable money laundering techniques. The best way to launder money is through using front companies and cryptocurrencies (Lee et al., 2019). Using front companies involves choosing less risky businesses such as fishery, garment, seafood, and textile businesses. The businesses are used to obfuscate funds and in countries in East Asia that have unstrict and fewer regulations. With less government involvement, laundering becomes more accessible and faster.
On the other hand, cryptocurrency involves virtual or digital currency using cryptography to carry out transactions. Cryptocurrency is essential because it has no regulating authority or central issuing. It involves a peer-to-peer system enabling anybody to receive and send payments. Cryptocurrency includes Ethereum, Bitcoin, Litecoin, and Ripple. The use of cryptocurrency is most effective for cybercriminals due to its anonymity and decentralized nature, making it challenging for the government to track the actors down. Transactions through such platforms do not require personal information, and due to this, the users remain anonymous and are hard to be tracked down (Gilmour, 2014). The transactions are also recorded on a public ledger that is not controlled by any government or central authority. Bitcoin would be the best cryptocurrency since it is the most popular, provides a high liquidity level, and is the most accepted on the dark web.
Money laundering aims to turn the proceeds into legitimate property or cash that can be used without raising any suspicion—there are three main phases of money laundering. The first phase is placement, including smurfing, false invoicing, cash businesses, aborted transactions, trust, offshore companies, and foreign bank accounts (Lee et al., 2019). The next phase is layering, which involves repeating the phase of placement and extraction repeatedly. In every layer, the criminals use different amounts to make tracing transactions as hard as possible (Gilmour, 2014). The final phase is extraction or integration, which involves getting money out into legitimate accounts that can be used without raising suspicion or attracting the regulator’s attention. The criminals always abide by taxes to make the laundering legitimate. It involves actions such as fake employees paid in cash, loans to directors that are never paid, and dividends paid to shareholders of organizations controlled by criminals.
One of the main challenges when executing the plan is gaining useful personal information to carry out the attacks. The challenge is determining personal details belonging to people with substantial money. Most public network users are middle- and lower-income earners with fewer savings, and all their salary is over even before it is received. Another challenge is the laundering process that involves so much risk of being noticed by the regulating bodies. Making the proceeds legitimate is the most crucial but challenging step in the plan. The target population is also well educated on the evil twin attacks, where they tend to avoid public networks and those marked as unsecure. Others have learned to use personal hotspots and disable Wi-Fi autosave. The users have adopted the use of VPN that encrypts the users’ data making it inaccessible to a third party (Yan et al., 2019). Another defense mechanism adopted is the use of two-factor authentication that is required at any login, making it hard for attackers to access one’s accounts even if they have personal information such as passwords and usernames. The target public ensures they use HTTPS sites that have end-to-end encryption. The encryption prevents the attackers from seeing and monitoring web page activities. By using those sites, the hackers cannot monitor the users’ financial aspects, hence have no way to determine ways to exploit the users.
The anticipated reaction by the public is the complaint and cry to the government and other regulatory bodies to recover their money. There will be a public cry that may force the government to react swiftly. For this reason, it is advisable to complete the process as fast as possible to avoid detection by government agencies (Yan et al., 2019). The public reaction will be to increase security in their accounts and avoid public networks that may place them under a similar attack in the future. Also, there may be increased public campaigns advising the public on how to prevent the occurrence of such attacks. In the whole plan, I may be involved as the leader of the cybercrime group. I believe in my leadership qualities and can lead the group into a successful heist. The plan’s success depends on many factors, but most of all require the group members to act in unity and everyone to effectively carry out their tasks.
References
Gilmour, N. (2014). Understanding money laundering. A crime script approach. The European Review of Organised Crime, 1(2), 35-56.
Lee, S., Yoon, C., Kang, H., Kim, Y., Kim, Y., Han, D., … & Shin, S. (2019, February). Cybercriminal minds: an investigative study of cryptocurrency abuses in the dark web. In 26TH Annual Network and Distributed System Security Symposium (NDSS 2019) (pp. 1-15). Internet Society.
Rutherford, R. (2018). The changing face of phishing. Computer Fraud & Security, 2018(11), 6-8.
Van Wegberg, R., Oerlemans, J. J., & van Deventer, O. (2018). Bitcoin money laundering: mixed results? An explorative study on money laundering of cybercrime proceeds using bitcoin. Journal of Financial Crime.
Yan, D., Liu, F., Zhang, Y., & Jia, K. (2019). Dynamical model for individual defence against cyber epidemic attacks. IET Information Security, 13(6), 541-551.
write