| Recurring |
multiple_organization |
(a) The software failure incident having happened again at one_organization:
The article does not mention any previous incidents of a similar nature happening again within the same organization (Wisepay) [106358].
(b) The software failure incident having happened again at multiple_organization:
The article mentions a similar incident where nearly 400,000 customers had their credit card details stolen in 2018 when the British Airways website was compromised for around 15 days. This incident is cited as an example of a larger Magecart hack that was successful for attackers [106358]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident at Wisepay was due to a cyber-attack that exploited a vulnerability in the system's design. The attacker managed to find a "backdoor" into the system's database and modified a page, adding a link that redirected users to a fake payment page controlled by the hacker [106358].
(b) The operation of the system also played a role in the failure as users who clicked to make a payment were redirected to the fake payment page due to the attacker's manipulation of the system. This operation-related issue led to users unknowingly entering their debit or credit card details on the spoofed payment page, resulting in their information being compromised [106358]. |
| Boundary (Internal/External) |
within_system |
(a) within_system: The software failure incident at Wisepay was due to a cyber-attack where the hacker managed to find a "backdoor" into the system's database and modified one page, adding a link that redirected users to a fake payment page controlled by the attacker [106358]. This indicates that the failure originated from within the system itself.
(b) outside_system: The cyber-attack on Wisepay was initiated externally by hackers who exploited a vulnerability in the system to redirect users to a spoofed payment page where their payment details were harvested [106358]. This demonstrates that the contributing factors for the failure originated from outside the system. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurred due to non-human actions, specifically a cyber-attack. The attack on Wisepay's website allowed the hacker to harvest payment details by creating a spoofed payment page that redirected users to an external page controlled by the attacker [106358]. The attack involved the hacker finding a "backdoor" into the system's database and modifying a page to redirect users to the fake payment page, indicating that the failure was initiated by non-human actions.
(b) The software failure incident was also influenced by human actions. The incident was not noticed until the following Monday morning, indicating a delay in detection [106358]. Additionally, Wisepay's managing director mentioned that only a small subset of users were affected because certain types of cashless payments were not made on a daily basis, suggesting a human decision or behavior that influenced the impact of the incident [106358]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident occurring due to hardware:
- The software failure incident reported in Article 106358 was due to a cyber-attack on the Wisepay service, where an attacker was able to harvest payment details by creating a spoof page on the website [106358].
- The hacker managed to find a "backdoor" into the system's database and had modified one page, adding a link that redirected users to a fake payment page controlled by the attacker [106358].
(b) The software failure incident occurring due to software:
- The software failure incident in Article 106358 was primarily caused by a cyber-attack exploiting a vulnerability in the Wisepay service's website, allowing the attacker to manipulate the payment process and harvest payment details [106358].
- The attack involved the modification of a page on Wisepay's website to redirect users to a fake payment page, indicating a software-related vulnerability that was exploited by the cyber-criminal [106358]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident reported in Article 106358 was malicious in nature. It was a cyber-attack on the Wisepay service where an attacker was able to harvest payment details by creating a spoof page on the website. The attacker managed to find a "backdoor" into the system's database and modified a page to redirect users to a fake payment page controlled by the hacker. This attack was aimed at stealing credit card details from users making payments on the platform, indicating malicious intent to harm the system and compromise user data [106358]. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The software failure incident related to the cyber-attack on the Wisepay service was primarily due to poor decisions made by the hackers who exploited a vulnerability in the system. The attackers managed to find a "backdoor" into the system's database and modified a page to redirect users to a fake payment page, where their payment details were harvested [106358].
(b) Additionally, the incident could also be attributed to accidental decisions or unintended consequences as Wisepay did not notice the attack until a few days later, allowing the cyber-criminals to access payment details of users who interacted with the compromised page [106358]. |
| Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident reported in the article was due to a cyber-attack on the Wisepay service. The attacker was able to harvest payment details by creating a spoof page on the Wisepay website, redirecting users to a fake payment page controlled by the hacker. This incident highlights a failure due to development incompetence, as the hacker found a "backdoor" into the system's database and modified a page, allowing for the unauthorized access and theft of payment information [106358].
(b) The incident was not accidental but a deliberate cyber-attack orchestrated by cyber-criminals who exploited vulnerabilities in Wisepay's system to carry out a credit card skimming attack. The attackers strategically targeted the live payment page to intercept users' credit card details, indicating a premeditated and intentional act rather than an accidental failure [106358]. |
| Duration |
temporary |
The software failure incident reported in Article 106358 was temporary. The incident was a cyber-attack on the Wisepay service, where hackers were able to compromise payment details between 2 and 5 October via a spoof page. The attack occurred on a Friday night and was not noticed until the following Monday morning, at which point Wisepay's website was taken down. The website was later brought back online and deemed safe to use. This indicates that the failure was temporary and was resolved once the attack was detected and mitigated [106358]. |
| Behaviour |
crash, omission, value, other |
(a) crash: The software failure incident in the Wisepay cyber-attack can be categorized as a crash. The attack resulted in the system losing its state and not performing its intended functions. The website was taken down after the hack was discovered, indicating a failure in the system's operation [106358].
(b) omission: The incident can also be categorized as an omission. The attacker was able to harvest payment details by redirecting users to a fake payment page, omitting the system's intended function of securely processing payments. This omission led to the compromise of card details of parents making payments to schools [106358].
(c) timing: The timing of the failure can be considered in this incident. The attack occurred over a specific period between 2 and 5 October, during which the system was compromised, leading to the late detection of the cyber-attack on Monday morning. This delayed response impacted the system's ability to prevent the unauthorized access to payment details [106358].
(d) value: The incident can also be categorized as a value failure. The system performed its intended function of processing payments, but it did so incorrectly by allowing users to be redirected to a fake payment page controlled by the attacker. This incorrect behavior resulted in the compromise of sensitive payment information [106358].
(e) byzantine: The incident does not exhibit characteristics of a byzantine failure, where the system behaves erroneously with inconsistent responses and interactions. The attack in this case involved a specific method of redirecting users to a fake payment page to harvest payment details, rather than exhibiting inconsistent or conflicting behaviors [106358].
(f) other: The other behavior exhibited in this incident could be described as a security breach. The cyber-attack resulted in unauthorized access to the system, compromising the security of payment details and potentially exposing users to financial risks. This unauthorized access is a critical aspect of the incident beyond the technical failures of the system [106358]. |