7906Ict Digital Forensics : Revealing Assessment Answers

Deliverable: Describe the process used in restoring the scrambled bits and insert plain text in the assignment.

Task 2: Revealing hidden information from an image
For this task, I will provide an image with hidden information in it. You will be required to reveal the hidden information.

Deliverable: Describe the process used to reveal the hidden information from the image and copy the revealed information in the assignment in plain text.

Task 3: Forensics Report
In this major task assume you are a Digital Forensics Examiner. Considering a real or a hypothetical case you are required to produce a formal report consisting of facts from your findings to your attorney who has retained you. You are free to choose a forensics scenario which can be the examination of a storage media (HDD, USB Drive, etc), email or social media forensics, mobile device forensics, cloud forensics or any other appropriate scenario you can think of.

Third Step

We will use the User Name and Password, “asdf1530/.,” and then paraphrase it for verification and then select the DES algorithm.

Final Step:

We will see the revealing image and then save it on desktop for final output.

Following is the output for the Hidden image information:-

“Steganography is the art of covered or hidden writing. The purpose of steganography is covert communication-to hide the existence of a message from a third party. This paper is intended as a high-level technical introduction to steganography for those unfamiliar with the field. It is directed at forensic computer examiners who need a practical understanding of steganography without delving into the mathematics, although references are provided to some of the ongoing research for the person who needs or wants additional detail. Although this paper provides a historical context for steganography, the emphasis is on digital applications, focusing on hiding information in online image or audio files. Examples of software tools that employ steganography to hide data inside of other files as well as software to detect such hidden files will also be presented.

https://www.garykessler.net/library/fsc_stego.html “

Task 3

TJX Breach Impact Case study

Place:-USA

Dated:-Jan 17, 2007

Business:Retail

Company:TJX Companies Inc.

Case: - The organization's 90 million client's records were stolen. This occurrence will cost TJX in any event $250 million

Overview:-

TJX Companies Inc. is a main off-value clothing as well as home mold retailer with home office arranged in Framingham, MA. There Safety break emergency occurred on 18^th December, 2006 while they found that obscure gatecrashers wrongfully got to one of its installment frameworks and stole very card information having a place with clients in the countries such Canada, UK, USA and Mexico. All significant card brands acknowledged by TJX were influenced, that includes Discover, MasterCard, Visa as well as American Express (Abelson, 2007).

A most 50 million card numbers was taken, alongside name as well as data of more than 100 million clients, influencing clients of its different nations as well as in USA stores. Because of that episode, numerous banks that includes Bank of America were made to reissue the cards for the customer again as well as cancelled thousand of cards because of theft that happened at TJX.

This report looks at TJX's reaction to the emergency, also makes suggestions for an all the more balanced, compelling emergency taking care of arrangement later on.

Disaster Administration 

The extent of TJX security rupture was serious and worldwide It turned into the biggest information break as well as wholesale fraud occasion at any point recorded in business. It was an outer as well as purposeful emergency. If company had taken security measures and PCI (Payment Card Industry) rules, this emergency could have been stayed away from. In any case, in decency to TJX, in face of emergency, there were a few decent parts of their treatment of emergency:

Appreciatively, TJX does not attempt to move fault, or gave away any weak excuse. Despite the prominent as well as serious greatness of the emergency, it required a solid reaction from top level authority. Chief, Ben Cammarata, ventured up, as well as correctly filled in as the essential representative sending two effective messages: "I give it a second thought and I am responsible." He assumed liability, recognized the problem occurred because of company security pass, express regret for the oversight that happened. It was moral and genuine reaction (Abelson, 2007).

Immediately after break was identified TJX employed driving PC security and occurrence reaction firms to assess the degree of information uncovered, and aid examination.

Also, TJX speedily informed govt agencies- Secret Service of US, Securities and Exchange Commission of US as well as U.S. Bureau of Justice.

After advising law requirement, company educated different partners, contract banks as well as installment card along with check preparing organizations.

The company connecting with various partners at the flare-up of emergency, keeping them advised of whole circumstance, as well as quick activity to cooperate with best security specialists in examination was exemplary. It kept up TJX's validity as well as decreased the effect of the emergency.

Deferred Public Announcement and arrangement of wreckage ups 

Despite the fact that organization found it was casualty to a monstrous security rupture in mid-December, however didn't uncover to clients till 17^th January, 2007. Initially company kept up that it deferred making an open declaration at the demand of law implementation just to later concede the postponement was to a limited extent a "business choice" and in the advertisements, the organization expressed it was "to the greatest advantage of our customers." The top enthusiasm of clients was to keep them out of the loop until the point when they completed their shopping during the December Holiday season. At last, TJX just admitted to an issue after the primary Wall Street Journal report. Absence of straightforwardness forthright and opposing/clashing explanations gave organization part of negative exposure.

Moreover, representative attempted to over guarantee partners expressing that company had as of now fundamentally fortified security of its PC frameworks, it will avoid future interruptions, as well as now clients should feel safe shopping at their stores. This claim, without express points of interest of steps taken, scarcely appeared to be trustworthy for partners; when examination to such genuine security break at company was still in beginning times.

To exacerbate the situation, company already expressed that the interruption had occurred just from Mid of 06 to Start of 2007 plus Visas uncovered were constrained as well as "generously under millions.". Examinations however revealed later that their PC frameworks had been hacked on a few events starting from July 2005 till Jan 2007 and records bargained were more than 45 million. company, instead of conceding vulnerability, was simply claiming to know scope. This conflicting data prompted hypothesis that organization had a comment.

To add to troubles, Federal court filings later demonstrated that company had neglected to follow installment card industry compliance, as well as were in "grievous infringement" of security methodology they didn't have great control framework set up, even fundamental security checking or logs to track action were missing.

Absence of compassion and Two-way correspondence 

While expressions of conciliatory sentiment and sensitivity to influenced clients were critical, be that as it may, there was no activity design or direct contact with clients who progressed toward becoming casualties of misrepresentation because of TJX's carelessness. Tragically, clients were left to manage vulnerability. Subsequently, various clients, in any expectation of recuperating their harms, recorded claims against TJX (Abelson, 2007).

The company under-weight declares a settlement to offer clients with credit observing, as well as repaying their misfortunes. While declaration was made in September,2007, notwithstanding, sees containing data about qualification for remuneration were not sent to influenced clients until February, 2008. No doubt, this sort of messy and amateurish dealing with mirrored company’s absence of worry for client (Abelson, 2007).

To set up two way correspondence, however company established a hotline for clients who had questions, yet obviously it was shallow; there was no procedure set up, clients who endeavored to contact just got runarounds. Company were not genuine about tuning in to partners, their worries or criticism.

Opportunities were missed

Taking a gander at general emergency reaction, company emergency administration was strategic, for the most part centered around limiting the misfortune with a quickly made emergency correspondences system. The company site was utilized as essential specialized instrument for both influenced customers as well as the media. Since this occurrence got the organization across the board media consideration which they would some way or another never get, company missed on an awesome chance to interface all the more intimately with clients, make affinity with its clients through direct correspondence channels, and feature its image and qualities amid emergency (TJX Press release, 2007).

The TJX companies Inc. reaction didn't mirror its center estimations of honesty as well as openness. An additionally prospective reaction—making declaration early, normal updates, and offering influenced client's remuneration forthright would have driven TJX on a significantly higher good ground. Along these lines, TJX could have utilized this open door in making an enduring positive impression in psyches of client (TJX Press release, 2007).

Case Outline: -

The TJX security breach was happened in end of year 2007. This is the biggest wholesale fraud case at any point arraigned by the equity office from company. The beginning ambush was on a hub in the TJX organize in United States of America, basically in one of the retail outlets. Additionally, through that early on interference, the main convict as well as his co-plotters had the limit increase all concluded as well as spread themselves all through various parts of the company framework. Similarly, they got themselves ready to get as well as keep up access for different years, up until 2008 (TJX Press release, 2007).

Government experts have charged an as of now arraigned software engineer with breaking additional corporate PCs as well as taking data for no under 130 million credit and check cards, the best extortion case at any point prosecuted in the United States (TJX Press release, 2007).

Albert as well as two mysterious Russians were charged for ambushes that hit Visa processor companies, as well as two anonymous associations. The twenty-eight-year-old occupant of coastal region Miami rebuked for executing a break on stores controlled by TJX Companies Inc., which revealed almost 50 million card subtle elements. These distinctive associations, including Dave & Busters as well as Boston Market restaurant systems, were moreover among the charged casualties (TJX Press release, 2007).

Reports recorded in United States District Court in Newark, New Jersey attest that Albert as well as three unidentified individuals cased the latest setbacks by setting off to their customer facing facades along with locales to perceive the reason for offer tasks plus web applications they used.

The charged guilty parties attempted to cover their tracks, according to the indictment. Despite using middle person servers that disguise their real IP addresses, they used 20 assorted against infection projects to check none of them perceived the malware used as a piece of the arrangement, prosecutors said. Once the guilty parties got Visas data, they endeavored to offer it in underground social affairs to others to use in making false purchases as well as withdrawals in addition to facilitate misrepresentation designs. Each respondent in arraignment was blamed for two wrongdoing counts each for trap to execute wire blackmail; as well as interest to increment unapproved access to PCs, to do deception in regards to PCs, and to hurt PCs. In case condemned, each defies a biggest of 35 years in prison as well as $1.25m in fines (TJX Press release, 2007).

On 17^th January, 2007, company openly reported a PC interruption and from that point they extended their criminological examination. Cheats encroached upon TJX arranges over a traverse of 1.5 year as well as stolen 60 million Visa account numbers along with almost 30 million MasterCard numbers crosswise over the districts in which TJX stores were located. The rupture could cost TJX $1 billion more than six years in costs for specialists, security redesigns, lawyer expenses as well as harm control promotion in various department in company.

On 22^nd December 2006, company told law implementation Official of a presumed Computer interruption. In light of, that continuous examination to information, they trust that the Breached (TJX Press release, 2007).

Conclusion:

Generally, TJX's procedure for limiting misfortunes and staying away from harm to their corporate picture was decently fruitful. Their "come clean" methodology, tolerating error, and assuming liability for disaster helped spare validity in client's brain. Additionally, late measures and settlements with various partners helped them restrict the harm, and restored their working profits]. That is the reason maybe; in spite of being the greatest, costliest break ever, client and financial specialist trust in TJX remained to a great extent unshaken. There was no dunk in company’s stock cost at the anniversary of emergency beginning, and even deals were as solid as the year-sooner level.

In any case, company initiative was not able diffuse the scene's negative effect. They got unfriendly media consideration, terrible notoriety, and wound up getting infamous for security. Company could have reacted all the more adequately, made utilization of chance and conceivably turned out more grounded had they joined a portion of the above proposals for emergency administration (TJX Press release, 2007).

Reference:

TJX 10K Form Filing- March 28, 2007

https://www.usatoday.com/money/industries/retail/2007-03-29-tjxfiling.pdf Retrieved 8^th October, 2017.

TJX Press Release- Jan 17, 2007

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle&ID=951253&highlight= Retrieved 8^th October, 2017.

TJX Video Message on company website- Boston Globe- July 29, 2007: https://www.boston.com/business/ticker/2007/01/in_video_messag.html Retrieved 8^th October, 2017.

TJX security breach aftermath- Network World- Jan 29, 2007

https://www.networkworld.com/columnists/2007/012907-bradner.html Retrieved 8^th October, 2017.

How Credit-Card Data Went Out Wireless Door, PEREIRA JOSEPH, WSJ May 4, 2007

https://online.wsj.com/article/SB117824446226991797.html Retrieved 8^th October, 2017.

Credit Cos. Watchful After TJX Breach, Denise Lavoie, Washington Post, Jan 18, 2007

https://www.washingtonpost.com/wp-dyn/content/article/2007/01/18/AR2007011801361_pf.html Retrieved 8^th October, 2017.

TJX Press Release- Feb 21, 2007

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle&ID=965586&highlight= Retrieved 8^th October, 2017.

Payment Card Industry PCI DSS compliance

https://www.bukisa.com/articles/107032_pci-dss-an-introduction-and-overview Retrieved 8^th October, 2017.

Federal court filings show TJX Non-compliance with PCI Security Guidelines, EWeek Oct 25, 2007 https://mobile.eweek.com/c/a/Security/TJX-Intruder-Moved-80GB-of-Data-Without-Detection/ Retrieved 8^th October, 2017.

TJX Press Release- Sept 21, 2007

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle&ID=1054404&highlight= Retrieved 8^th October, 2017.

Abelson, Jenn. 2007. "Consultants: Chain should be More Open, Helpful." Boston Globe, Jan 20, A.9-A.9. https://search.proquest.com.ezproxy.babson.edu/docview/405045885 Retrieved 8^th October, 2017.

TJX Core Values

https://www.tjx.com/corporate.asp Retrieved 8^th October, 2017.

How to save your brand in the face of Crisis- Crisis Communication Framework- MIT Sloan

https://www.forbes.com/2010/08/06/brand-crisis-management-leadership-managing-mitsloan.html Retrieved 8^th October, 2017.

TJX Press Release- Aug 14, 2007

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle_Print&ID=1040186&highlight= Retrieved 8^th October, 2017.

Five anniversary learnings from TJX security breach, IT Business, Jan 19, 2008

https://www.itbusiness.ca/it/client/en/home/News.asp?id=46776 Retrieved 8^th October, 2017.

For TJX, a store of consumer loyalty, Boston Globe, Dec 21, 2007

https://www.boston.com/business/articles/2007/12/21/for_tjx_a_store_of_consumer_loyalty/?page=full Retrieved 8^th October, 2017.

TJX faces scrutiny by FTC, Boston Globe, March 13, 2007

https://www.boston.com/business/articles/2007/03/13/tjx_faces_scrutiny_by_ftc/ Retrieved 8^th October, 2017.

Banks file suit against TJX over breach costs, SC Magazine, April 25, 2007

https://www.scmagazine.com/banks-file-suit-against-tjx-over-breach-costs/article/34898/ Retrieved 8^th October, 2017.

Secret Service Busts Four Fraudsters With Ties To T.J. Maxx Attack, InformationWeek, July 12, 2007

https://www.informationweek.com/news/201001100 Retrieved 8^th October, 2017.

SecurityFocus, TJX agrees to class-action settlement, Sept 24, 2007

https://www.securityfocus.com/brief/594 Retrieved 8^th October, 2017.

Blogosphere News, TJX Class Action Settlement, Sept 25, 2007

https://www.bloggernews.net/110467 Retrieved 8^th October, 2017.

EcommerceTimes, TJX to Shell Out $41M in Data Breach Settlement

https://www.ecommercetimes.com/story/60554.html?wlc Retrieved 8^th October, 2017.

TJX Press Release, Dec 18, 2007

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle_Print&ID=1088548&highlight= Retrieved 8^th October, 2017.

Customer notices go out in proposed deal on TJX data breach, Metrowest Daily News, Feb 29, 2008

https://www.metrowestdailynews.com/news/x288024968 Retrieved 8^th October, 2017.

TJX Press Release, April 2, 2008

https://investor.tjx.com/phoenix.zhtml?c=118215&p=irol-newsArticle&ID=1124887&highlight=, Retrieved 8^th October, 2017.

TJX closes book on infamous security breach with sale, The Register, Jan 23, 2009

https://www.theregister.co.uk/2009/01/23/tjx_sale/, Retrieved 8^th October, 2017.

Attorney General Gansler Reaches Settlement with TJX Companies, Inc., June 23, 2009

https://www.oag.state.md.us/Press/2009/062309.htm, Retrieved 8^th October, 2017.

TJX & Heartland. (n.d.)., from https://www.cert.org/digital-intelligence/case-studies/tjx-heartland.cfm, Retrieved 8^th October,2017

TJX suspect indicted in Heartland, Hannaford breaches. (n.d.). from https://www.theregister.co.uk/2009/08/17/heartland_payment_suspect/, Retrieved 8^th October, 2017.