This assignment will be based on the following article:
Chen, J 2019 ‘Mirrorthief Group Uses Magecart Skimming Attack to Hit Hundreds of Campus Online Stores in US and Canada’, Trend Micro Security Intelligence Blog, 3 May,
Answer the following questions in relation to the article. Assume that the audience for your responses is senior level management, who do not have a strong technical background. The word limit for this assessment item is 1,000 words.
1. Why did the adversaries encrypt the payment data using AES and encode using Base64 before exfiltration?
3. The case study identifies at least three parties, PrismWeb/PrismRBS, 201 (individual) campus stores and the adversary group. Of the former two parties, who was primarily responsible for defending against this attack? What actions could the other (non-responsible) party have taken to mitigate against this type of vulnerability?
4. Compare and contrast the characteristics of the attack with the Dridex Financial Trojan.
Harvard referencing is required.