Problem regarding the cyber-attack

Assignment Help Computer Network Security
Reference no: EM13844006

DISCUSSION

This exercise is to identify and characterize assets. Imagine there is a severe natural calamity in your area and your personal vehicles have been rendered immobile. The local mayor is running school buses on their routes to evacuate residents and drop them off to a central safe location. You are only allowed to bring in items that will fit within your lap. Excluding people assets and laptop, cell phones, and hard drives, identify an asset you will select from your home and take with you. Be creative and think about other assets in the remaining four categories. For the chosen asset, describe how it will benefit you in the given situation.  As the discussion proceeds, demonstrate through meaningful dialogue how your selected asset is superior to the other competing assets proposed.

This is just for your information: There are 5 types of Assets:

  • Information assets
  • Personnel assets
  • Hardware assets
  • Software assets
  • Legal Assets

CRITICAL THINKING EXERCISE-IRAQ CYBERWAR PLANS IN 2003

In August 2009, the New York Times reported that in 2003, when the US was planning the Iraq war, US Intelligence agencies and the Pentagon developed a plan to launch a cyber-attack with the goal of freezing the bank accounts operated by Saddam Hussein. There were billions of dollars in these accounts, which were used to pay the salaries of army personnel and purchase supplies. If successful, the cyber-attack would incapacitate Saddam Hussein's ability to wage war with kinetic (conventional) weapons.

As the New York Times reported, though the officials involved in developing the plans for cyber-attacks were confident of their ability to execute the attacks, they never got approval to execute on their plans. Officials in President Bush's administration were concerned about collateral damage, i.e., impacts on accounts owned by other individuals, if any part of the cyber-attack did not go according to plan. This could create financial chaos worldwide, beginning with the Middle East, but likely to spread to Europe and even the United States.

That was 2003. Since then technology has evolved, and cyberwarfare is increasingly becoming part of the military arsenal. Even during the Iraq war in 2003, the military attack included disrupting telephone systems inside Iraq. This temporarily affected civilian telephone services in countries neighboring Iraq. However, this collateral damage was considered acceptable at that time. But the uncertain damage from a cyber-attack gone haywire was not. Since then though, the US Government has felt comfortable using cyber-attacks to advance its goals, best documented in the case of the Stuxnet virus.

Critical Thinking Questions

1. What are some ways (however unlikely) in which the proposed cyber-attack on Saddam Hussein's accounts could have harmed you?

2. What are some ways in which a cyber-attack on a military target can harm civilians?

3. One traditional military constraint based on the Geneva conventions and the UN Charter is called proportionality, the idea that a punishment should befit the crime. Given the risks of cyber-attacks identified in the earlier questions, do you think cyber-attacks are more likely to cause disproportional harm to civilians than conventional weapons?

DESIGN CASE

The Help Desk at the College of Engineering at Sunshine University has special privileges. It can fix user access problems bypassing normal access control procedures.

How did this come about, you might wonder? Years ago, an Electrical Engineering professor with considerable prestige in the College was unable to submit a grant proposal because he had accidently locked his Engineering account over the weekend. The Dean of the College and the Department Chair were extremely unhappy. As a "temporary" solution, student workers at the Help Desk were given administrative privileges to the Engineering domain, so they can change passwords and unlock accounts without inconveniencing the faculty and staff. Years later, the so-called "temporary solution" has become permanent, and quick response over the weekend is expected by all users.

One Saturday morning, Adam, a new student hired as a Help Desk employee decides, against the College's policy, to install a BitTorrent client on his Help Desk computer. Later in the week, an investigation into reports of sluggish computers leads to the discovery of a botnet installation on most of the computers in the College. After days of investigation, the source of the botnet installations is discovered when a keylogger is found on the machine Adam used. He had inadvertently installed malware on the machine together with the BitTorrent installation and the keylogger malware had captured Adam's credentials.

The College Dean has asked you to have an incident report on his desk as soon as possible, including recommendations to prevent such incidents in the future.

Design Case Questions

1. List the threats and vulnerabilities that allowed this situation to occur.

1. Classify all the events found in 1 above, including:

a. Asset Affected, including asset classification and characterization.

b. Threat Agent (including internal, external, or partner)

c. Threat Action (type, etc)

d. Vulnerability used

2. What recommendations would you make to the Dean going forward?

3. In your opinion, what should be done with Adam, the student recently hired to the Help Desk position? 

Reference no: EM13844006

Questions Cloud

Analyze the validity of the authors arguments and biases : How do you do a literature review? How do you analyze the validity of the author's arguments and/or biases?
An average person will generate about 350 kj : Undergoing moderate activity, an average person will generate about 350 kJ of heat per hour.Using the heat of combustion of palmitic acid (ΔH=-9977.6kJ/mol) as an approximate value for fatty substances, estimate how many grams of fat would be require..
Responsibility of critical thinker in contemporary society : What is the responsibility of a critical thinker in a contemporary society? What are the advantages of information technology in gathering data? What are the principles of critical thought?
Medicare access and chip reauthorization act : Medicare access and chip reauthorization act
Problem regarding the cyber-attack : This exercise is to identify and characterize assets. Imagine there is a severe natural calamity in your area and your personal vehicles have been rendered immobile. The local mayor is running school buses on their routes to evacuate residents and..
Understanding of the tragedy of the commons : Describe your understanding of "The Tragedy of the Commons" and how it relates to public policy analysis.
What are the objectives of material requirement planning : In regards to operations management, what are the objectives of Material Requirement Planning? How is each of the objectives within this process identified and achieved?
Fiduciary duties that java jet officers owe to java jet : What are the fiduciary duties that Java Jet's officers owe to Java Jet? Were any of those duties violated? Describe the differences between international and comparative law to your client
What caused the rise of the feudal system in japan : What caused the rise of the feudal system in Japan

Reviews

Write a Review

Computer Network Security Questions & Answers

  What is 128-bit encryption

Most Web browsers now use "128-bit encryption" to exchange data with secure Web sites. But what does this mean. What is "128-bit encryption". In terms of software available to the general public, is "128-bit encryption" the strongest.

  Dos and ddos attack

Denial of Service attack (DoS) and Distributed Denial of service (DDoS) attack, two-factor authentication system, password ageing, biometric devic,  cryptographic attack made Double DES (2DES), Demilitarized Zone (DMZ), SSL protocols

  Identify the responsibilities of a project manager

Identify the responsibilities of a Project manager when participating in a real world project and define the role of management in projects, particularly from the view point of the practitioner as a member of the project team;

  Choose a recent technical article from a referred journal

please choose a recent technical article from a referred journal or conference proceedings on the topic of threats and

  Personal and business-related cybersecurity scenarios

Analyze personal privacy issues related to various personal and business-related cybersecurity scenarios - Describe the mission of each, and examine and compare details of each stated privacy policy.

  The message kyvmr clvfw kyvbv pzjjv mvekv ve was encrypted

the message kyvmr clvfw kyvbv pzjjv mvekv ve was encrypted using a shift transformation c equiv p k mod 26. use

  Evaluate an organization''s security policies

Evaluate an organization's security policies and risk management procedures, and its ability to provide security countermeasures. Analyze the methods of managing, controlling, and mitigating security risks and vulnerabilities.

  Determine what the risk to an organisation

Security professionals need to ensure that they keep up to date with the latest threats and security issues. This allows them to update their risk profiles.

  Describe how it applies to the realm of data communication

Write one to two paragraphs on each topic below, and describe how it applies to the realm of data communication. Also discuss what type of damage these computer infections can do to data in a computer.

  Examine how the system balanced security and usability

Examine how this system balanced security and usability, and explain the challenges of incorporating system security and system usability into a design.

  Sarbanes-oxley act

Provide an overview that will be delivered to senior management of regulatory requirements the agency needs to be aware of, including: Sarbanes-Oxley Act

  Assignment on securing the scene

Imagine you are a digital forensic investigator for a healthcare organization. You learn from your internal information security department that an employee has been using password-cracking software to access confidential customer insurance inform..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd