Cyber Identities – Impact And Real-Life Cases

Cyber Identities – Impact And Real-Life Cases

Digital technology advancement has led to more people leveraging digital platforms to accomplish day-to-day activities. As digital technology platform users increase, companies have innovated ways to improve digital platforms and enhance user experience. To that end, new technologies such as extended reality, which encompasses virtual reality (VR) and augmented reality (AR), and advanced artificial intelligence (AI) are increasingly being used to enhance user experience. However, as businesses invest in these technologies, they tend to ignore cyber security risks that accompany extended reality technologies such as virtual reality and augmented reality. Besides, while advanced AI may be leveraged by companies to ensure cybersecurity is upheld, hackers can also use the technology to launch attacks.

Case Study: Home Depot Data Breach

Home Depot suffered one of the largest data breaches in 2014. In a press release on September 18, 2014, the company reported that hackers stole debit card and credit card information from about 56 million of its customers (Vaka, 2014). Hackers who attacked the company’s network exploited the company’s cybersecurity policy’s grey areas to attack. In the attack, the hackers gained access to Home Depot’s network using a third-party vendor’s credentials. Having gained access to the network, the attackers leveraged Microsoft Windows’ operating system security vulnerabilities to gain privileged access to the system (Vaka, 2014). Subsequently, the hackers were able to explore the company’s network and install malware, which accessed customer credit card and debit card information.

Even though Home Depot was not able to detect and prevent attacks, its response following detection was satisfactory. Firstly, the company leveraged law enforcement agencies and external cybersecurity experts to determine the extent of the breach and the methods used by the hackers. That was followed by customer notification and an offer to provide credit card monitoring and necessary remedies for those who were impacted by the attack. Subsequently, the company responded to the attack by implementing security enhancements such as encrypting POS data such that the data would become unreadable and unusable before being transferred to memory. Besides, further POS security measures were implemented, including pin technology and an additional protection layer for transactions involving credit and debit cards.

The financial and reputational impact of the data breach on Home Depot cannot be overstated. Customers were offered a staggering $17.5 million compensation for the losses incurred through unauthorized transactions. Home Depot also paid banks $134.5 million to cater to the money lost through fraud, card replacement, and other expenses (Cybersecurity and Infrastructure Security Agency, 2020). Besides, Home Depot spent significant resources during the period after the breach to conduct investigations and cater to legal fees in the ensuing lawsuits (Cybersecurity and Infrastructure Security Agency, 2020). The breach negatively impacted Home Depot’s reputation and reduced sales, though it is difficult to quantify the impact on the company’s sales. Although the group responsible for the attack was not officially determined, it is highly suspected that the stolen information may have landed on Ukrainian and Russian hackers responsible for Target and Sally Beauty data breaches.

Cyber Identities

Several cyber identities can be created following a ransomware attack like the one that affected Home Depot. Common identities stolen in digital payment attacks include consumer information such as date of birth, social security number, and residential address (Richardson & Waldron, 2019). Research shows that after fraudsters access critical customer information, they conduct fraud by creating synthetic identities, which they use to conduct their fraudulent activities. For instance, there are reports of synthetic identities being used to access auto loans, create bank credit cards and retail credit cards, and access to unsecured loans. Fraudsters also use information obtained to create fake digital accounts on e-commerce platforms to transact using false identities.

In the case of the Home Depot data breach, the hackers would access customer data whenever they swiped their cards on these POS systems’ terminals. The fact that the attacks occurred over five months, from April 2018 to September 2018, indicates how weak the company’s detection systems were (Vaka, 2014). Home Depot’s overreliance on a basic antivirus to detect malware and external attacks could not help because the attackers designed the malware to evade antivirus detection. The information stolen from Home Depot’s systems would later be transmitted to the hackers’ servers and later sold fraudulently to individuals who would later attempt to defraud victims (Vaka, 2014). Given the financial claims laid by credit card companies, banks, and customers, it is clear that the hackers successfully created fake identities, which they used to acquire loans, and use credit cards under false identities, alongside other forms of fraud.

Impacts on Society and Individuals

Data theft and synthetic identities pose concerning challenges for individuals and society. From the outset, these false identities may deceive governments and corporate systems into treating them like real people (Irvin-Erickson, 2024). Such false information causes devastating impacts on key sectors, including healthcare, banking, government agencies, and individual customers. It is worth noting that such false identity is not only due to financial motivation. Criminals may exploit access to such information to create fake personal profiles to commit crimes such as drug trafficking, human trafficking, and terrorism funding. For instance, the fentanyl crisis in the US is attributed to the proliferation of fake identities, which individuals leverage to order large amounts of the drug overseas, claiming it is for medical reasons. It is difficult for the government to trail criminals since synthetic identities point to individuals who do not exist in real life.

Furthermore, the attacks can potentially damage an individual’s trustworthiness and professional networks. For instance, the theft of emails in the Home Depot exposed clients to phishing attacks (Vaka, 2014). Having identified one’s critical personal information, hackers could email victims using convincing corporate language and convince them to click on phishing links. The outcome can be devastating as hackers can freely gain access to the victim’s email and solicit money from one’s social and professional networks.

Conclusion

In summary, technological advancements in the digital space pose benefits and costs. While improvements such as AR, VR, and advanced AI help organizations improve customer experiences on digital platforms, they are also significant risk factors that expose individuals and organizations to data breaches. As shown in the Home Depot data breach case, hackers exploited cybersecurity weaknesses in the retailers’ AR payment technology (POS) to access critical customer information. On the other hand, VR, which enables customers to pay for products in the comfort of their homes, can also expose their information to fraudsters who may use it to commit fraud. Given the increasing risk of digital data theft linked to Internet penetration, customers and other online digital platform users are increasingly becoming cautious about the safety of their identity, resorting to traditional shopping channels and payment. Organizations must also absorb increased costs to protect cyber identities.

References

Cybersecurity and Infrastructure Security Agency. (2020). Publication: October 2020       Cybersecurity and Infrastructure Security Agency. Cost Of A Cyber Incident:   Systematic Review And Cross-Validation Cisa | Defend Today, Secure Tomorrow 2.    https://www.cisa.gov/sites/default/files/2024-10/CISA-OCE%20Cost%20of%20Cyber%20Incidents%20Study_508.pdf

Irvin-Erickson, Y. (2024). Identity fraud victimization: a critical review of the literature of the past two decades. Crime Science, 13(1). https://doi.org/10.1186/s40163-024-00202-0

Richardson, B., & Waldron, D. (2019). Fighting back against synthetic identity fraud. McKinsey on Risk, 7, 1-6.

Vaka, P. R. (2014). Home Depot Breach or The Rise of Ransomware. NeuroQuantology, 12(4), 485-491.

Scenario

In today’s digital age, Ross and Kristina have fully embraced the convenience of online shopping. From groceries to clothing, bedding to mattresses, they eagerly sign up for reward programs at every online store, relishing the discounts offered. What Kristina doesn’t fully grasp is the significance of her cyber identity-those usernames and passwords that have become her digital persona in the vast online realm. The reliance on digital platforms has intricately woven a complex web of cyber identities, bringing forth both new realities and consequences.

Recently, Kristina encountered a significant hurdle when her computer malfunctioned. She struggled to recall the numerous usernames and passwords associated with different websites. Fortunately, with the help of each site’s login assistance feature and occasional support from customer service, she managed to retrieve her credentials. This process often entailed verifying her identity through personal details such as her date of birth and social security number. Thus, the digital world not only shapes but also confines the identity of individuals like Kristina, encapsulating it within an intricate digital fingerprint.

Instructions

In this assignment, you will explore the concept of Cyber Identity, encompassing advancements such as virtual reality, augmented reality, and advanced artificial intelligence within online identities. These technologies blur the lines between the physical and digital worlds, potentially creating more immersive and lifelike online experiences.

Your task is to research a real-life case study where cyber identities were forged to mislead individuals or institutions, ultimately impacting societal structures and individuals significantly.

In a Word document, provide an elaborated analysis of your chosen c study. Begin by detailing the case study, including its timeline and loca Then, explain how these cyber identities were constructed to deceive, examining the impacts on both individuals and institutions. Explore ho these identities transcend various aspects of a person’s life, including s interactions, professional networks, and personal interests.