Mitigating Cybersecurity Threats: A Comprehensive Approach

Verified

Added on  2019/11/26

|16
|3636
|249
Report
AI Summary
This assignment discusses the importance of blocking unauthorized user access to prevent manipulation or exposure of information within an organization. To achieve this, steps such as upgraded and filtered firewalls, closing specific mails and ports servers, and isolating systems are suggested. Additionally, recovering systems, data, and connectivity is crucial by replacing corrupted files, rebuilding affected systems, resetting compromised account passwords, and conducting regular auditing to detect human errors.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CYBER CRIME (AUSTRALIA)
Cyber Crime (Australia)
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
CYBER CRIME (AUSTRALIA)
Table of Contents
Risks and Issues with Data Security and Cybercrime.................................................................2
Cyber Security Incident Contributing Factors.............................................................................6
Key Threats..................................................................................................................................6
Measures to Mitigate Cyber Intrusions............................................................................................8
Responds to externally attempted cybercrime and data security breach.....................................9
References:....................................................................................................................................13
Document Page
2
CYBER CRIME (AUSTRALIA)
Risks and Issues with Data Security and Cybercrime
The cyber threat that is Australia facing is an unrelenting and undeniable issue that
should be concerned to the IT security professionals but the rate of vulnerabilities and attacks is
extending the room for the shareholders and individuals to get involved in this situation. Cert
Australia, the partner agency of the Australian Cyber Security Centre (ACSC) can be considered
as the primary point-of-contact for the cyber security issues that are affecting major of the
Australian businesses and firms (Jennings and Feakin 2013). Cert Australia reported that there
were 11,733 incidents that affected the firms and their businesses in 2014 – 2015. 218 among
those incidents were reported to be the national interests and critical infrastructure. With the
development of technology the cyber threats will continue to increase parallel to the
advancement in technologies (Pandey et al. 2016). Effective cyber-security is increasingly much
complex to deliver because of the following reasons:
Mobility and consumerization: The organizational boundaries are becoming blurred with
the adoption of mobile computing in the organization, which is letting IT to get closer to the
consumers and further from the firm. The organization’s data are becoming accessible
everywhere by the incorporation of bring-your-own-device and use of internet connecting via
smart-phones, tablets and other mobile devices.
Cloud: Many organizations are using cloud-based services that are being managed by the
third party including storage which is leading toward new risks (Kshetri 2013).
Change: Nowadays the organizations are adopting the post-economic-crisis world in
order to run fast and fulfill the business needs. Market expansion, introduction of new
technologies, and mergers acquisition all are expanding rapidly into the organization which is
Document Page
3
CYBER CRIME (AUSTRALIA)
increasing the complications in strengthen the cyber-security system of the organization. Internet
technology can be stated as the primary medium or path for the intruders to enter the system of
the organization and spread into different systems.
Infrastructure: Transformation of traditional close operation technologies systems into IP
addresses leading cyber threats toward the automation system and operations of the back-office
systems. This threat is also being spread to the critical infrastructure of the organization that
includes transportation systems, power generation and other automation systems.
Ecosystem: Nowadays environment are changing to the digital connectivity or digital
world which is connecting people and data, which results in increment of the likelihood of
exposing to the cybercrime both at work and home environment (VonSolms and Van Niekerk
2013).
Based on the survey among the industries including financial, banking and other sectors, made
by ACSC (Australian cyber security center 2015) following graph has been proposed:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4
CYBER CRIME (AUSTRALIA)
Figure 1: IT security policies, procedure or plans used by organizations
(Source: ACSC 2015)
Cyber security threats can be more clearly understand by following prevalent types of
incidents in Australia:
Percentage of threats Types of incident
72 Ransomware
59 Targeted Malicious Emails
30 Theft of laptops and mobile devices
20 RATs (Remote Access Trojans)
23 Breach or theft of the confidential information
16 Denial of the service attack
Document Page
5
CYBER CRIME (AUSTRALIA)
66 Malware
30 Worm or virus infection
27 Trojan
25 Unauthorized access
17 Unauthorized access to the information from an
outsider
14 Unauthorized access to the information by an
insider
Ransomware could be stated as the most attempted security breach in the organization,
ransomware basically refers to the extortion that is made by the use of malicious virus or Trojans
that technically encrypt the contents of the computer and forces victim to pay ransom in
exchange of the decryption of those files (Kharraz et al. 2015). One of the most popular incidents
was the WannaCry ransomware attack which attacked the global computer and made a vast
destruction damaging several organizational and federal operations.
Failure to cover the basics of cyber security: The common exploits and vulnerabilities
used by the attackers in the past were helpful in revealing that there is lack in fundamental cyber
security measures. Less than a dozen vulnerabilities can lead the hackers to get access to the
system of the organization. For example: timely patching has blocked 78% of the internal
vulnerabilities among various organizations, which give a wide open door for the unauthorized
users to access the data (Pfleeger and Pfleeger 2012).
Document Page
6
CYBER CRIME (AUSTRALIA)
Cyber Security Incident Contributing Factors
Many external and internal factors can be responsible for the cyber incident; some of
them are listed below:
Staff errors, poor security culture, staff omissions, improperly configured systems, and
targeting of the incidents and sophistication are the predominant factors that might contribute to
the organization cyber incidents (Kozik and Choras 2013).
Threats are motivated financially are often appeared and broad-based factors that might
affect the firm. ‘Random attack’ can be motive to attack the functioning operations of the
organization.
Key Threats
Strategic risk: Cybercrime is a serious strategic risk for any organization and should be
given highest priority in order to keep the organization on track with its objectives and goals. 25
percent of large firms and 15 percent of small firms have reported security breaches in 2015.
Data that has been stolen through cybercrime or data breach can be distributed and replicated at
the will of the intruders, which makes it almost impossible to solve. Serious data losses might
threaten the business viability (Luiijf, Bessesling and Dre Graaf 2013).
Reputation risk: Reputation of an organization is the most important aspects for all the
organization irrespective of their sectors. Expose of personal information due to any data breach
will affect the reputation of the organization, which can affect demoralization to its employee too
(Biener, Eling and Wirfs 2015). Data breaches and cybercrime can lead to the reputational risk,
which can take the form of the major lawsuit, negative publicity of products or services and
could make the ratings lower. This could also lead to the slow death of the organization through

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
7
CYBER CRIME (AUSTRALIA)
negative feedbacks and lower rating. A single data breach can give option to the suppliers to
offer less favorable terms.
Compliance risk: Cybercrimes and data breaches can lead to the compliance risk for an
organization, which can affect the future of the business. Many cyber attacks in Australia have
focused on breaching personal details of the wealthier clients of private banks, which can be a
bigger issue for financial companies with a risk of disclosure of information. After realizing the
organization’s data has been breached by cyber crime, in few times it is prove to be decisive in
terms of the organization’s ability to ameliorate its losses, including any regulatory compliance
fallout.
Financial risk: Cybercrimes increases the probability of financial risk, attacks like
wannacry, One LogIn data breach, Brooks Brothers are the example how data breaches and
cybercrimes have affected the organization financially. Unauthorized access of data that are
related to the organizational operations may give access to the intruders to their accounts and
manipulate them for personal use.
Operational risk: Cyber crime and data breaches are common operational risk for the
organization and a topic of concern for all the organizations, because of the level of media
attention and financial regulators. Priority should be given to this as the rise in numbers and
complexities of cyber-attacks represents threat to an organization’s profitable existence and give
rise to the operational risks. Cyber threats may lead an organization towards exposures like costs
fraud losses, lawsuits and business continuity, which can be serious risk for the organization
towards its achievements and goals (Krekel, Adams and Bakos 2012). Intrusion can be made in
order to fraud the company, for example recently FinCEN provided evidence that Robert Eisten
Document Page
8
CYBER CRIME (AUSTRALIA)
had made fraud in the real-estate business and made money for personal benefits. Many
organizations including banks and other sectors have developed scenarios that are related to the
catastrophic events such as a cyber-attack in order to assess the operational risk exposures like
business continuity, costs, fraud losses, lawsuits
Measures to Mitigate Cyber Intrusions
Following are the few measures that can be helpful in mitigating the data breaches in the
organization:
Application whitelisting: It is designed in order to protect against malicious wares and
unauthorized access to the system where operational data of the organization are being saved.
The main aim of this application is to ensure that only software libraries (DDLS) and specifically
selected programs can be executed to the system and stop others from getting access to the
database of the system (Pfleeger and Caputo 2012). This could be helpful in resisting the
unwanted program execution in the system in order to keep the saved data protected from
unauthorized user or any intruder.
Patching applications: It is a critical activity in making sure that the system is completely
secures by patching the applications. This can be achieved by mitigating the system with
‘extreme risk’ vulnerabilities before two days and upgrading the application that are out dated
with the latest version that is available in the market or from any service provider. This will help
in new programs and coding for the application and the intruders will be vulnerable with these
codes and will not be able to make intrusion to the system using that application (Vukovic et al.
2012).
Patching Operating Systems:
Document Page
9
CYBER CRIME (AUSTRALIA)
The older version of the operating systems that are being used in the system is vulnerable
to the cyber-attack by the intruders. It is another critical activity in the steps of ensuring the
system security from vulnerable attacks. Similar to the applications, operating system also needs
to be upgraded with the latest updates in order to protect the system from any unauthorized
intrusions.
Restricting administrative privileges: Malicious actors generally attacked the
administrator accounts rather than other user accounts as they have more privilege to access than
other user accounts. The likelihood of compromising data can be reduced by restricting the
administrative privileges in the operating systems and neither allowing checking emails nor any
web browsing.
Responds to externally attempted cybercrime and data security breach
Responds to any external cyber crime and data breach can be done following four steps:
Step 1 Identifying Cyber Security Incidents: In order to identify cyber security incidents
an individual needs to analyze the level of the security breach and then confirm the type of
incident that which type of intrusion have been made. Some incidents are very easily detectable
whereas some are impossible to be detected as it recently happened to the Brook Brothers, stores
which had reported that the intrusion was detected after a year. For a year the personal
information of the individual were at stake (Hong, Liu and Govindarasu 2014). Many of these
incidents are made to steal confidential and credential information or data generally attempted by
the group of hackers in order to obtain the sensitive information and intellectual property of the
organization. This results, these are mostly unobtrusive and non-destructive (not all, some are
destructive), and undetectable, as the tracks have been covered by the intruders. Following are

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
10
CYBER CRIME (AUSTRALIA)
the actions that can help in detecting the cyber security incidents: Technical monitoring system
that can generate alert if any data is being transferred, stolen or manipulation of data can be
helpful in detecting these incidents and apply measures at early stage (Shin, Son and Heo 2015).
Example of these systems is DLP (Data Loss Prevention), IDS (Intrusion Detection System), log
analysis and antivirus. Anomalies detected by reviews or investigations, or by audits.
Step 2 Define Objectives and Investigate Situation: There are some questions that need to be
answered before reaching any conclusion about defining objective and situation, which are:
ï‚· Who was the intruder?
ï‚· What is the scope and extent of the attack?
ï‚· When the attack started?
ï‚· What is the loss?
ï‚· Why the intrusion was made?
Following are the objectives that an individual will have to learn about the intruder in order
to take counter measures based on the behavior of the intruder. An individual should determine
what methodologies attackers were using to access the data or information of the system.
Determining the motivation or intention of the intruders like whether it was made for extortion,
fraud, or it was made to steal intellectual property, or revenge or critical services could help an
individual in defining the objective and situation of the case. Another point that should be
determined for defining the situation and objective is the focus of the intruders, whether they
were focusing the organization, or individual, or the market of the organization (Singh et al.
2016). Under this section there are some measures that can help in mitigating these threats,
which are using cyber threat intelligence (CREST), conducting triage (This includes Classifying,
Document Page
11
CYBER CRIME (AUSTRALIA)
Prioritizing, and Assigning), carrying out first response, and performing initial analysis could
have helped JP Morgan Chase & Co. to keep the information more secured. These steps could
also help in preventing the intrusions like this, if ever happened again (Skully 2014).
Step 3 Take appropriate actions: Containing the cyber security incident is the first key of
action that should be taken after the initial investigation process, which includes:
ï‚· Blocking malware programs or sources like websites and email addresses.
ï‚· Logging and blocking of unauthorized user access, as an unauthorized user can
manipulate or expose the information to the world, which is not acceptable for any
organization with respect to the competitive market.
ï‚· Upgraded and filtered firewall, which could give resistance to the viruses from using the
system as platform to execute further damage (Heckman et al. 2013).
ï‚· Closing particular mails and ports servers which have the capability to upload malicious
program into the system. Many of the malicious viruses are generated using the emails
with malicious coding that can hamper the organization by manipulating the saved data
and information (Vacca 2013).
ï‚· Isolating the system means, not any type connections between the systems that are being
applicable in the organization could prevent the spread of malicious program to every
system. This will let the intruders to get access to only one system, which is also not good
for the organization but could help in minimizing the damage that intruders can do with
the information.
ï‚· Relocating website home pages, as it will make intruders impossible to track the coding
again and again and prepare for the intrusion.
Document Page
12
CYBER CRIME (AUSTRALIA)
Step 4 Recover systems, data and connectivity: This is the final step in order to mitigate the
threats that might affect the organization and detect them properly in order to take precautions
based on that, this includes following steps: An appropriate recovery plan will also be helpful in
fighting these intrusions, which should include the following objectives:
ï‚· Replacing the corrupted files with the fresh ones.
 Rebuilding the systems that are being affected by the intrusion, which is known as ‘clean’
sources.
ï‚· Resetting passwords of the accounts that are being compromised will help in saving the
information as it was informed by the notice of OneLogIn service provider to the users
that faced the intrusion (Javaid et al. 2012).
ï‚· Proper and regular auditing the system thoroughly might help in detecting the human
errors.
ï‚· Removing temporary constraints imposed during the containment period could help in
mitigating the impact of the intrusion in the organization.
ï‚· Integrity and controls of the business should be confirmed previously.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
13
CYBER CRIME (AUSTRALIA)
References:
Biener, C., Eling, M. and Wirfs, J.H., 2015. Insurability of cyber risk: An empirical analysis. The
Geneva Papers on Risk and Insurance Issues and Practice, 40(1), pp.131-158.
Heckman, K.E., Walsh, M.J., Stech, F.J., O'boyle, T.A., DiCato, S.R. and Herber, A.F., 2013.
Active cyber defense with denial and deception: A cyber-wargame experiment. computers &
security, 37, pp.72-77.
Hong, J., Liu, C.C. and Govindarasu, M., 2014, February. Detection of cyber intrusions using
network-based multicast messages for substation automation. In Innovative Smart Grid
Technologies Conference (ISGT), 2014 IEEE PES (pp. 1-5). IEEE.
Javaid, A.Y., Sun, W., Devabhaktuni, V.K. and Alam, M., 2012, November. Cyber security
threat analysis and modeling of an unmanned aerial vehicle system. In Homeland Security
(HST), 2012 IEEE Conference on Technologies for (pp. 585-590). IEEE.
Jennings, P. and Feakin, T., 2013. The emerging agenda for cybersecurity. Australian Strategic
Policy Institute.
Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L. and Kirda, E., 2015, July. Cutting the
gordian knot: A look under the hood of ransomware attacks. In International Conference on
Detection of Intrusions and Malware, and Vulnerability Assessment (pp. 3-24). Springer, Cham.
Kozik, R. and Choras, M., 2013, September. Current cyber security threats and challenges in
critical infrastructures protection. In Informatics and Applications (ICIA), 2013 Second
International Conference on (pp. 93-97). IEEE.
Document Page
14
CYBER CRIME (AUSTRALIA)
Krekel, B., Adams, P. and Bakos, G., 2012. Occupying the Information High Ground: Chinese
Capabilities for Computer Network Operations and Cyber Espionage Prepared for the US-China
Economic and Security Review Commission by Northrop Grumman Corp.
Kshetri, N., 2013. Privacy and security issues in cloud computing: The role of institutions and
institutional evolution. Telecommunications Policy, 37(4), pp.372-386.
Luiijf, E., Besseling, K. and De Graaf, P., 2013. Nineteen national cyber security
strategies. International Journal of Critical Infrastructures 6, 9(1-2), pp.3-31.
Pandey, S., Shah, N., Sharma, A. and Farik, M., 2016. Cybersecurity Situation In
Fiji. International Journal of Scientific & Technology Research, 5(7), pp.215-219.
Peters, R.M., 2014. So You've Been Notified, Now What: The Problem with Current Data-
Breach Notification Laws. Ariz. L. Rev., 56, p.1171.
Pfleeger, C.P. and Pfleeger, S.L., 2012. Analyzing computer security: a
threat/vulnerability/countermeasure approach. Prentice Hall Professional.
Rid, T., 2013. Cyber war will not take place. Oxford University Press, USA.
Scott, K.D., 2016. Joint Operating Environment 2035: The Joint Force in a Contested and
Disordered World. Joint Chiefs of Staff Washington United States.
Scully, T., 2014. The cyber security threat stops in the boardroom. Journal of business continuity
& emergency planning, 7(2), pp.138-148.
Shin, J., Son, H. and Heo, G., 2015. Development of a cyber security risk model using Bayesian
networks. Reliability Engineering & System Safety, 134, pp.208-217.
Document Page
15
CYBER CRIME (AUSTRALIA)
Singh, A. and Chatterjee, K., 2017. Cloud security issues and challenges: A survey. Journal of
Network and Computer Applications, 79, pp.88-115.
Singh, S., Sharma, P.K., Moon, S.Y., Moon, D. and Park, J.H., 2016. A comprehensive study on
APT attacks and countermeasures for future networks and communications: challenges and
solutions. The Journal of Supercomputing, pp.1-32.
Vacca, J.R. ed., 2013. Network and system security. Elsevier.
Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber
security. computers & security, 38, pp.97-102.
Vukovic, O., Sou, K.C., Dan, G. and Sandberg, H., 2012. Network-aware mitigation of data
integrity attacks on power system state estimation. IEEE Journal on Selected Areas in
Communications, 30(6), pp.1108-1118.
1 out of 16
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]