NAMES: WIJANGCO, Mary Susanne V.

SCHED: MW (11:00 – 12:30) DATE: JULY 2, 2018

ZARRAGA, Lance Mae A. SUBJECT: IT6-A

Fraudsters: Victim/s:
Breach of: E – Current/ Where it PI – Private
Penalty
Article Title/ Press Description of Computer C - Confidentiality Former happened? Individual
Motives of Fraudster/s F – Fine Other Facts of the Case
Release Date Fraud I - Integrity Employee L – Local BE – Business
I – Imprisonment
A - Availability O – Outsider I – International Establishments
S – Syndicate G – Government
On March 15, 2017, the
FBI officially charged the
 Hacking 2014 breach to four men,
The Great Yahoo Breach C O  Conflict of Interest. I PI, BE, G F
 Stealing Identities including two that work for
Russia's Federal Security
Service (FSB). 
The attacks were labeled
as Chinese in origin,
Titan Rain
 Hacking  Political Motives although their precise
 Breaking Security C&I S  Steal Information for I G N/A nature, e.g., state-
(https://en.wikipedia.org/wi
Code Espionage sponsored espionage, cor
ki/Titan_Rain)
porate espionage, or
random hacker attacks,
Stuxnet has three
modules: a worm that
executes all routines
related to the main
payload of the attack;
a link file that
Stuxnet
 Hacking automatically executes the
 Breaking Security C&I S  Political Motives I G N/A propagated copies of the
(https://en.wikipedia.org/wi
Code worm; and
ki/Stuxnet)
a rootkit component
responsible for hiding all
malicious files and
processes, preventing
detection of the presence
of Stuxnet.

The Epsilon Breach
https://krebsonsecurity.co
m/tag/epsilon-breach/
Nine People Charged in
Largest Known Computer
Hacking and Securities
Fraud Scheme
August 11, 2015
(https://www.justice.gov/us
ao-nj/pr/nine-people-
charged-largest-known-
computer-hacking-and-
securities-fraud-scheme)
Woman to be first charged
under PH cyber crime law
June 15, 2015
(https://www.rappler.com/
nation/60649-woman-first-
charged-ph-cybercrime-
law)
Lee v. PMSI, Inc
January 13, 2011
(https://en.wikipedia.org/wi
ki/Lee_v._PMSI,_Inc.)
The scope of major
corporations affected is
somewhat mind-
boggling. Krebs on
Security warned, "Among
 Unauthorized Access
C&A O  Conflict of Interest I BE N/A Epsilon's clients are three
 Trojan Horse
of the top ten U.S. banks
– JP Morgan
Chase, Citibank and U.S.
Bank - as well as Barclays
Bank and Capital One.
Five of the nine
defendants were arrested:
Arkadiy Dubovoy, Igor
Dubovoy, Momotok, and
 Hacking
C, I, & A S  Financial Gain I BE I Garkusha were all
 Cyber Theft
arrested at their homes in
Georgia; Korchevsky was
arrested at his home in
Glenn Mills, Pennsylvania.
She was indicted by a
prosecutor in Las Piñas
City and is set to be
 Hacking I&A O  Financial Gain L BE I charged under the
Philippines’ Cybercrime
Prevention Act.
In May 2011 District Judge
Merryday held that Lee's
conduct did not exceed
 Unauthorized Access A E  Conflict of Interest. I BE N/A
authorized access to her
employer's computer in
violation of the CFAA. 
A Hacker is Indicted in
Computer Fraud Case
(https://www.nytimes.com/
1995/03/11/business/a-
hacker-is-indicted-in-
computer-fraud-case.html)
Cyberattack Hits Ukraine
then Spreads
Internationally
June 27, 2017
(https://www.nytimes.com/
2017/06/27/technology/ran
somware-hackers.html)
Victims of Online Love
Scams rising
May 17, 2018
(http://technology.inquirer.
net/75879/victims-online-
love-scams-rising)
SEC Settles Case Against
Teen Accused of Internet
Fraud
September 21
(https://abcnews.go.com/B
usiness/story?
id=89328&page=1)
Mr. Mitnick is also wanted
by state and Federal
 Unauthorized Access
I&A O  Financial Gain I PI N/A authorities for a parole
 Stealing Identities
violation in California and
could face charges in
other states.
The outbreak was the
latest and perhaps the
most sophisticated in a
series of attacks making
 Hacking
 Extortion use of dozens of hacking
 Breaking Security C, I & A S I BE & G N/A
 Financial gain tools that were stolen from
Codes the National Security
Agency and leaked online
in April by a group called
the Shadow Brokers.
Such scams are not easy
to solve because “you do
not know where to start
looking for the person”
 Online Scam
I S  Financial Gain L PI N/A who had conned another,
 Stealing Identities
said the ACG, the agency
primarily responsible for
enforcing the
country’s cybercrime laws.
Lebed neither admitted
nor denied the
commission’s findings, but
agreed to refrain from
 Misrepresentation
I&A O  Financial Gain I G F similar behavior. SEC
 Unauthorized Access
officials said it is the first
time the agency has
brought charges against a
minor.
Philippines arrests 44 from
China, Taiwan in Internet
The suspects were
Fraud
arrested in a series of
raids in the central city of
July 10, 2014  Conflict of Interest
 Online Scam I S L PI I Iloilo on Wednesday by a
 Financial Gain police anti-cybercrime unit
(https://www.rappler.com/
and immigration bureau
nation/62961-philippines-
agents.
china-taiwan-internet-
fraud-case)
Tesco Bank Theft shows
need to take cyber That investigation is being
security more seriously led by the UK’s National
Crime Agency (NCA),
November 8, 2016  Cyber Theft while the Information
 Conflict of Interest
 Breaking Security I O I PI & BE N/A Commissioner’s Office
 Financial Gain
(https://www.computerwee Codes (ICO) is looking into
kly.com/news/450402510/ whether the bank is doing
Tesco-Bank-theft-shows- enough to secure personal
need-to-take-cyber- data.
security-more-seriously)
Senakh was indicted in
Russian Man Sentenced
2015 and subsequently
in Minnesota Computer
arrested by Finnish
Fraud Case
authorities before he was
extradited to the U.S. to
August 3, 2017
 Phishing face charges.
I&A O  Financial Gain I PI I
(https://www.usnews.com/  Trojan Horse Senakh, of Velikii
news/best- Novgorod, Russia,
states/minnesota/articles/2 pleaded guilty in March to
017-08-03/russian-man- conspiracy to violate the
sentenced-in-minnesota- Computer Fraud and
computer-fraud-case) Abuse Act and wire fraud.
The viruswas designed to
The Melissa Virus/Worm send an infected email to
 Unauthorized Access
the first 50 email
 Breaking Security C O  Personal matters I BE F&I
(https://en.wikipedia.org/wi addresses on the
Code
ki/Computer_fraud) users’ Microsoft
Outlook address book. 
United States v. David
Nosal
When iPad users
accessed AT&T’s website,
April 24, 2013
 Unauthorized Access C E  Personal matters I BE & PI I the site recognized their
device ID and displayed
(https://en.wikipedia.org/wi
their email address.
ki/United_States_v._David
_Nosal)

US vs Aaron Swartz
Swartz, at the age of 26,
July 2011  Unauthorized Access committed suicide on 11
 Breaking Security I O  Conflict of Interest I PI F&I January 2013 No charges
(http://fija.org/document- Code were filed
library/case-info/aaron-
swartz/)
US vs Fidel Salinas

2012 He was originally charge

with he was charged with
 Hacking A O  Conflict of Interest I G F&I
(https://www.wired.com/20 44 felony counts of
15/02/hacker-claims-feds- computer fraud and abuse
hit-44-felonies-refused-fbi-
spy/)
United States vs Andrew
Auernheimer When iPad users
 Hacking accessed AT&T’s
March 2013 website, the site
 Stealing Identities C O  Conflict of Interest I PI I recognized their device
ID and displayed their
(https://www.eff.org/cas email address.
es/us-v-auernheimer)
Since his conviction, the
Matthew Keys CFAA has been used to
 Hacking prosecute hundreds of
I O  Conflict of Interest I PI I
(https://en.wikipedia.org/wi  Misrepresentation other high- and low-level
ki/Matthew_Keys) hackers, often to much
controversy.
PART II

A. Types/ Forms of Computer Fraud

The most common type of fraud is hacking
wherein fraudsters use a variety of tricks to
break into computer networks. And the least
Breaking Security Codes type of fraud is phishing which is a method
Cyber Theft of trying to gather personal information
Hacking using deceptive emails and websites.
Misrepresentation
Online Scam
Phishing
Stealing Identities
Trojan Horse B. Types of Interest harmed (Breach of Confidentiality, Integrity, Availability)
Unauthorized Access

C - Confidentiality
I - Integrity
A - Availability

The evidence from this pie chart shows that the most
interest harmed is integrity in which most of the
fraudsters’ breach the quality of being honest and
moral uprightness. The second interest harmed is
availability wherein fraudster’s took the opportunity of
the information for personal gains. Lastly is the
confidentiality which the fraudsters’ breach the privacy
of their victims.
C. Who are computer fraudsters/ criminals? (Current/ Former
Employees, Outsiders, Syndicate)
From the information shown in this pie
chart, majority of fraudsters’ are Outsiders
E – Current/ Former while there are only few Current/Former
Employee
Employee(s) involved.

O – Outsider

S – Syndicate

D. What are the motive/s of computer fraudsters/ criminals?

Conflict of Interest.
Extortion
Financial Gain
Personal matters
Political Motives
Steal Information for Espionage
Majority of the fraudsters committing these
crimes are for financial gains and conflict of
interest while some are for political motives
and stealing information for espionage.
E. Who are victim/s of computer fraudsters/ criminals?

The fraudsters’ has no preference on who to

victimized, but most of the time the victims are
Private Individuals and Business
PI – Private Individual Establishments and seldom victimized
BE – Business Establishments Government.
G – Government

F. Geography (Local or International)

L – Local
I – International

It is clear from the information given

that most fraudsters’ are from
International area rather than Local
area.
INTERNAL CONTROL WEAKNESSES RECOMMENDED CONTROLS

1. Lack of securities 1. Businesses should have stronger securities specially for the government and corporations. They
2. Lack of management responsibility should have a regular check or scan or monitor to their previous transactions, accounting records and
3. Assets being theft also to their customer’s informations.
4. Exposure of informations 2. To prevent breaches to internal system (such as hackings), some confidential informations should be
5. Irregular monitoring treated as if they were gems of the company and should not be announced to public. Information that
6. Lack of supervision would destroy the company should be also hidden to employees to prevent leakages
7. Conflicts of interest 3. Companies must strengthen their attention regarding the data on their customer sales, information etc
in order to detect such errors and fraud.
4. Companies should establish ethical standards and policies in which they can minimize conflict of
interest between employees, with that, we can avoid fraudulent acts
6. Companies should have a back up activities in every possible situations such as theft of assets,
leakage of informations etc.
7. Companies should publicize their vision as well as mission in order for the customers to understand
their goals in a long run. (to avoid bashers)

REFERENCES

https://www.lbahs.com/blog/bid/397513/10-common-internal-control-deficiencies-found-in-small-
businesses

Accounting Information Systems – James A. Hall

https://www.bartleby.com/essay/Internal-Control-Weakness-and-Corrective-Actions-F3JCYM43TC

http://smallbusiness.chron.com/weakness-financial-management-internal-controls-66503.html