Discuss long-term initiatives to encourage positive change

Assignment Help Computer Network Security
Reference no: EM131265743 , Length:

A Case Study in Cyber Security


Cyber security is an essential tool for managing risks in today's increasingly dynamic and capable cyber threat landscape. Yet the market for cyber security remains small, and organizations are making only tactical investments in cyber security measures-one of the reasons why there has been an increase in cyber attacks. Evidence suggests that this trend will last for some time to come. However, the anticipation of an increasingly open and mobile enterprise should help refocus the spotlight on strategic investments in areas like cyber security. Cyber security professionals who wish to see cyber security move up in IT's priority queue should take immediate steps such as demanding secure software from suppliers and requiring rigorous acceptance tests for third-party code to help promote cyber security in the long run.

Because cyber security has a significant impact on vulnerability management, one could infer that the spotlight is only shifting to a different perspective and that commitment to cyber security may not have declined in the final analysis. Although viewed as a priority by many cyber security professionals, cyber security has not seen the appropriate commitment level reflected in IT's budget allocation.

For example, data breaches resulting from web application hacking are almost always accomplished through the exploitation of application vulnerabilities like SQL injection or cross-site scripting. If cyber security is not improved at a larger scale, the industry will continue to be plagued with security incidents that result in data breaches or other consequences that are even more disastrous. Changing the attitude toward cyber security, however, would require a culture shift, a shift that places importance on proactive risk management rather than immediate return of Investment (ROI). This shift won't happen overnight. In the meantime, cyber security professionals should follow these recommendations to implement a few immediate measures to effect positive changes:

- Demand software quality and security from suppliers.
- Perform stringent acceptance tests for third-party code.
- Disable default accounts from applications.
- Establish a secure operational environment for applications.
- Implement effective bug-reporting and handling.
- Perform risk assessments underpinned by strict Governance, risk and Compliance frameworks and legislations.

As the buyer side starts to demand secure cyber software, the power balance will start to shift toward more strategic approaches to managing cyber-level risks. Cyber security professionals can encourage this change by engaging in these longer-term initiatives:
- Work toward an industry certification program for secure development practices.
- Implement a cyber security program.
- Continue to drive awareness of the changing cyber threat landscape.

So, in order to improve cyber security, companies and cyber security professionals should work in a concerted fashion to cultivate a culture that values and promotes cyber security. To help usher in such a culture, cyber security professionals should:

- Do their part to promote a cyber security ecosystem.
- Use mobile proliferation as a catalyst for cyber security.

Cybercriminals from China have spent more than six years cautiously working to obtain data from more than 70 government agencies, corporations and non-profit groups. The campaign, named Operation Shady RAT (remote access tool) was discovered by the security firm McAfee.

While most of the targets have removed the malware, the operation persists. The good news: McAfee gained access to a command-and-control server used by the cyber attackers and has been watching, silently. U.S. law enforcement officials are working to shut down the operation. The Chinese government is denying that it sanctioned the cyber attack operation; although, configuration plans for the new DoD F-35 stealth figher were comprised by the cyber attackers. So, with the preceding in mind, the following are five things that came to light:

- Seventy-two (72) organizations were compromised.
- It was just not North America and Europe.
- When the coast was determined to be clear, the cyber attackers struck.
- This was a single operation by a single group (probably the Chinese).
- The only organizations that are exempt from this cyber threat were those that did not have anything valuable or interesting worth stealing, from a national security point of view.

The loss of this data represents a massive economic cyber threat not just to individual companies and industries, but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape; the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world; not to mention, the national security impact of the loss of sensitive intelligence or defense information.

Yet, the public (and often the industry) understanding of this significant national cyber security threat is largely minimal due to the very limited number of voluntary disclosures by victims of intrusion activity compared to the actual number of compromises that take place. With the goal of raising the level of public awareness today, this is not a new cyber attack, and the vast majority of the victims have long since remediated these specific infections. Although, whether most victims realized the seriousness of the intrusion or simply cleaned up the infected machine without further analysis into the data loss remains an open question.

The actual intrusion activity may have begun well before 2006, but that is the earliest evidence that was found for the start of the compromises. The compromises themselves were standard procedure for these types of targeted intrusions: a spear-phishing email containing an exploit is sent to an individual with the right level of access at the company, and the exploit when opened on an unpatched system will trigger a download of the implant malware. That malware will execute and initiate a backdoor communication channel to the web server and interpret the instructions encoded in the hidden comments embedded in the webpage code. This will be quickly followed by live intruders jumping on to the infected machine and proceeding to quickly escalate privileges and move laterally within the organization to establish new persistent footholds via additional compromised machines running implant malware; as well as, targeting for quick exfiltration the key data that the cyber attackers came for. In the end, one very critical question remains unanswered: Why wasn't the Department of Homeland Security (DHS) all over this cyber breach during the last 6 years when "Operation Shady Rat" was alive and well?? After all, isn't DHS supposed to be the security guardians of the cyber world?

If "Operation Shady Rat," wasn't bad enough, hackers are now using outfitted model planes/drones to hack into your wireless system. Built from an old Air Force target drone, the Wireless Aerial Surveillance Platform (WASP) packs a lot of technological power into a flying high-end cyber endurance package.

General guidance

Quality of ideas, evidence of literature review, demonstration of up to date knowledge, together with appropriate comprehensive referencing is of more importance than the precise length of submission. The ability to critically analyse a case-study and /or setting and ability to apply knowledge so as to identify solutions to potential problem is essential. Length of submission should be 1500 words.

You are required to copy the questions given below and provide the answers in your report ONLY! No need for additional text or reproduction of the case study in your final report.

Further Guidance: [100 marks available/pass mark = 40]

The dangers of getting the balance right as between security, easy access and reduction of risk in business contexts of use are to be the main focus of your response to the following tasks. All arguments presented are expected to be supported by evidence. You should answer each question in the order given below. Full citations (referencing) are needed for any information sources you identify.

a) In order to implement a few immediate measures to effect positive changes, what recommendations should cyber security professionals follow?

Discuss all available frameworks, legislation and regulatory requirements on which information security professionals can base their proposal(s). [750 words]

b) Critically discuss long-term initiatives to encourage positive change with regards to assessing security riskand maintain privacy in a corporate environment.

What kind of security risk assessment methodologies can be identified for better mapping of the threat landscape?Provide a detailed comparison of these methodologies with clear links to the case study. [750 words]

Verified Expert

This task is about security risk assessment methodologies. It is 1500 words task and it is MS- Word Report. In this report, recommendations for cyber security professionals for positive changes in security, security frameworks, legislation and regulatory requirements are discussed. Besides this security risk assessment methodologies for data privacy are also discussed. Harvard referencing is done.

Reference no: EM131265743

Web application security challenges

You must submit both sections as separate files for the completion of this assignment. Label each file name according to the section of the assignment it is written for.

Describe the different types of computer attacks

Describe the different types of computer attacks. Evaluate the ethical concerns that computer crimes raise in society and the impact of information technologies on crime, te

New product development and product enhancement teams

As the new technical communications manager for International Gadgets (IG), you have developed a good idea of the various internal and external audiences for communications

Create diagram of dsl and cable modem connection to your isp

Create a diagram of the DSL and Cable Modem connections to your ISP, cable organization, and telecom to your home router using Visio or its open source alternative software.

Identify the four different types of wireless encryption

Identify the four different types of wireless encryption, and indicate which ones provide the best security. Identify at least five protocols used on the Internet, and describ

What would you say about the potential benefit of encryption

If you were part of a government entity, what would you say about the potential benefits and drawbacks of encryption? Be sure to cite examples from credible sources to suppo

Design a test methodology for the sungrafix network

Designing Test Methodology for the SunGrafix Network? Reports on incident response and escalation procedures, with information on updating the security policy for employees,

Department of homeland securitys mission

Interpret the Department of Homeland Security's mission, operations and responsibilities. Detail the Critical Infrastructure Protection (CIP) initiatives, what they protect,



11/7/2016 8:30:46 AM

In question one; you have define the steps of response incident, legal & compliance which relate to the case study and in second question; you have define a long term security, comprising with different methodologies which relate to data privacy and define the suitable methodology with clear justification ... all you answers should be relate to the case study which is (Shady RAT). Look forward to see your report by tomorrow. Kindly acknowledge you need to brief explain some legal agencies such as DHS, IRS, etc on declaration of breach. No NIST methodology needed in first question. Question 2 long term initiatives are missing Methodologies evaluation has no references. NIST, ISO consider as methodologies which you only mentioned one methodology (NIST). we need to compare methodology with proper reference base of the case study.


11/7/2016 8:28:35 AM

I asked for 2nd questions then DR answered that the methodologies which you going compare should focus on data breaching, data stealing & disclosing the steeled data to outsiders, you should not write methodology which relate to application or hardware or something,etc ... Hence the expert should use only methodologies relate to data breaching, data stealing & disclosing the steeled data to outsiders, And pick the suitable methodology which fit the case study. The methodologies which you need to do comprising are on data privacy methodologies and pick the best among them or suitable with justification of why it's suitable. As promised this report should be delivered by tomorrow. Please i hope you have understood the questions very clearly as they quite not street forward.


11/4/2016 6:00:06 AM

Just want to bring to your attention that the requirement of second question is to explain in breif multi risk methodologies and select the right methodology which suit the case and why its suitable. All your answer should be linked to the case study even when doing the comprising of methodologies need to be link to the case study. Regard the first question, need to talk about process, legal, response or incident response plan as security professional need to be done during then attack or breach of Shady RST, all need to be linked to the case study provided. Look forward to see your report, hopeful it would be as I expected.


11/4/2016 5:59:56 AM

Thank you and i have done the payment. However I please request you to complete it before the deadline so it will give me time to review it and as you mentioned below the Assignment with no plagiarism, and it must contains reference. Last question, what if i'm not happy with the report? Please note: the reviewer does not want any introduction or conclusion. The reviewer expect the answer of the two questions in the Assignment with the total wording of 1400 words. References also must to present. Hence please make sure to not write any or include any introduction or conclusion, he just need the answer of the questions which is relate to the case study. Please make any references to legal, regulatory requirements, or a process which professional security should follow assuming the breaching is taking place and most import is to linked to the case study exclusively. Also the reviewer expeciting to minimizing as much as possible about technical process


11/4/2016 5:15:39 AM

The attached case study is about security breach done by a group called Shady RAT. The assignment has two questions what professional security would do during the attack and second question is to compare risk methodology and pick the best which suit the case study. Please note: The answer of both questions should be relate to the case study


11/4/2016 5:15:14 AM

Outstanding/Excellent quality of ideas arguments. Very good grasp of technical aspects such as information security management frameworks, operational security aspects and strong critical analysis. Fully referenced submission. Clear and consistent demonstration of ability to relate arguments to the specifics of the case-study.Read the following case study and then answer the questions that follow. Be sure to directly relate your answers to the specific details given in the case study. You are asked to produce a written report. It is vital that in the composition of this report, you supplement any arguments you make with appropriate references.

Write a Review

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd