This document provides information on information security management, including researching network attacks, the GitHub DDOS attack, and a case study on maintaining security measures in a law firm. It covers types of attacks, their impact, mitigation options, and recommendations for protecting networks and resources.
Running head: INFORMATION SECURITY MANAGEMENT

Information Security Management
Name of the Student
Name of the University
Author’s Note:
Table of Contents
Part 1- Researching Network Attacks
Part 2- Researching about GitHub DDOS Attack
Part 3- CASE STUDY
References
Part 1- Researching Network Attacks:

The recent computer system attack evaluated in this part of the paper is the famous WannaCry ransomware attack.

Name of the attack: WannaCry
Type of attack: Ransomware attack
Date of the attack: 12th May 2017 to 15th May 2017
Computers/organizations affected: More than 200000 computer systems across 150 countries were directly affected by this attack. Numerous commercial establishments were significantly affected.

How it worked?
The social engineers behind this attack encrypted essential business documents of major commercial organizations and decrypted the files only after receiving ransom payments in bitcoins. The social engineers capitalized on security loopholes in the Microsoft Windows operating system. According to investigative sources, the social engineers were primarily from North Korea. The initial assessment of this threat was that it spread through a vulnerability on the SMB port rather than through a phishing email. This global attack had a huge undesirable impact on the users of the computer systems. The attack encrypted files on the computer systems and then demanded a huge ransom from the users. After receiving the bitcoins, the social engineers released the decryption tools. The role of the social engineers was very important during this ransomware attack.

What it did?
The attack lasted four days, and within these four days the social engineers earned billions of dollars in bitcoins from the affected organizations. Most of the commercial organizations that used older versions of Microsoft Windows were hit by this attack. The social engineers capitalised on the security vulnerabilities of Microsoft Windows.
The business data and the financial statements of the business organizations were encrypted by the social engineers during this attack. Business facilities in Ukraine, Taiwan, Russia and India were compromised. Networked devices in hospitals, such as MRI scanners, blood storage refrigerators and theatre equipment, were severely compromised as well. The anti-hacking tools were not good enough to address the threat from this ransomware. Thus, this attack had a huge undesirable impact on the productivity of the commercial establishments.

Mitigation option
The mitigation strategy was provided by Microsoft Corporation, which released a security patch that is very important for minimizing the loopholes in Windows operating systems. Several kill switches were created and distributed by Microsoft Corporation in order to deal with this threat. Users of computer systems must also run updated versions of their operating systems, because the built-in security measures are very beneficial in preventing cyber security issues such as ransomware. Recent security practices must be present on the computer systems, as they help users minimize the limitations of the operating systems. Clicking unfamiliar links should be avoided in the first place in order to prevent ransomware threats. Backup strategies should also be in place for the business documents that are most important to the success of the commercial organization.

Reference
Chen, Q. and Bridges, R.A., 2017, December. Automated behavioral analysis of malware: A case study of wannacry ransomware. In 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA) (pp. 454-460). IEEE.

Part 2- Researching about GitHub DDOS Attack:

Q1) How it works and what techniques are used?
In 2018, the code hosting website GitHub was hit by a huge DDoS attack whose traffic peaked at 1.35 Tbps. Most previous DDoS attacks were conducted by social engineers using botnets, but this attack did not involve any botnet. Malicious packets were used by the social engineers to identify the network security of this global establishment. The entire network structure of GitHub was compromised during this 10-minute DDoS attack.
Most of the network traffic could not be controlled by GitHub's server administrators. DDoS attack tools were used by the social engineers during this attack. Memcached servers were also used by the social engineers. Malware-driven botnets were used by DDoS attackers.

Q2) How this attack is propagated?
This attack was propagated using autonomous systems that have thousands of unique endpoints. More than 126.9 million packets per second were accessed by the social engineers of this DDoS attack. The attack was propagated using misconfigured memcached servers.

Q3) Discuss the impact of this attack on the operation of an organization? What are some key steps organizations can take to help protect their networks and resources?
The compromise of the network was identified using the autonomous systems. Both inbound and outbound data were managed by the social engineers during this DDoS attack. Both the website and the website-based services were compromised. All the functionalities of the corporation's website were impacted during this attack [3]. The traffic on the organizational network was out of control during the attack. This attack had a great business impact on the organization: it resulted in huge financial losses and in a huge reputational loss for this commercial establishment.

There are different security measures that commercial establishments can take, such as the following:
• The inbound transit of the corporation must be increased in the first place in order to prevent security threats.
• Fortifying network defenses can be very useful for preventing and detecting security issues.
• Building up appropriate firewalls can be very important for identifying the security issues of the government network.
• Installing anti-malware and anti-virus solutions can also be very important for understanding the security loopholes of the organizational network.
• Educating the employees of the organization about network security issues can help the organization deal with threats coming from inside the organization.
• Password infractions and the opening of dangerous links should be stopped, so as not to provide any kind of support to the social engineers when they look for loopholes in the organizational network.

These security steps can help commercial organizations protect their network and resources from threats coming from both outside and inside the commercial establishment.
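One way to check a host for the memcached misconfiguration mentioned under Q2, as an added example that is not part of the original paper: the script audits memcached startup options (memcached.conf-style text) for a non-loopback listen address combined with UDP being enabled. The sample option files are constructed, the finding names are hypothetical, and treating an unset `-U` as enabled assumes a memcached release older than 1.5.6, where UDP was on by default.

```python
import shlex
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed sample option files (Debian-style memcached.conf), not from the paper.
WEAK = "-m 64\n-p 11211\n-u memcache\n"                      # no -l, no -U
HARDENED = "-m 64\n-p 11211\n-u memcache\n-l 127.0.0.1\n-U 0\n"
PARTIAL = "-l 10.0.0.5 -U 0   # internal address, UDP off\n"

def parse_options(text):
    """Return (listen_addresses, udp_port) from -l and -U; udp_port is None if unset."""
    tokens = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()        # drop comments
        if line:
            tokens.extend(shlex.split(line))
    listen, udp_port = [], None
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok[:2] in ("-l", "-U"):                 # "-u" (run-as user) is not matched
            value = tok[2:]
            if not value and i + 1 < len(tokens):   # "-l 127.0.0.1" form
                i += 1
                value = tokens[i]
            if tok[:2] == "-l":
                listen.extend(a.strip() for a in value.split(",") if a.strip())
            elif value.isdigit():
                udp_port = int(value)
        i += 1
    return listen, udp_port

def audit(text, udp_default_on=True):
    """Flag settings that leave memcached reachable and answering over UDP."""
    listen, udp_port = parse_options(text)
    # With no -l option memcached listens on every interface.
    nonlocal_addrs = [a for a in listen if a not in LOOPBACK] if listen else ["*"]
    # Assumption: an unset -U means UDP is on (the default before memcached 1.5.6).
    udp_on = udp_default_on if udp_port is None else udp_port != 0
    findings = []
    if nonlocal_addrs:
        findings.append("NON_LOOPBACK_LISTEN")
    if udp_on:
        findings.append("UDP_ENABLED")
    if nonlocal_addrs and udp_on:
        findings.append("EXPOSED_OVER_UDP")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED), ("partial", PARTIAL)):
        print(name, audit(conf) or "ok")
```

A host that reports `EXPOSED_OVER_UDP` should have memcached bound to loopback or an internal interface, UDP turned off with `-U 0`, and port 11211 blocked at the network edge.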
Q4) Give an example of a duty of the Incident response planning, Disaster recovery planning and Business continuity planning when having an unexpected event like this attack.

Attack: DDoS

Incident response planning: A systematic and well-documented method can be very important for managing the initial situation during this attack. The risk potential for the stakeholders of the organization should also be considered by the management team. An action plan should be selected accordingly. The workforce of the organization must be a part of the plan.

Disaster recovery planning: A content delivery network must be considered in the disaster recovery plan during the DDoS attack. DDoS mitigation appliances can be the other important step in the disaster recovery plan. The network traffic must also be a part of the disaster recovery plan. The technical as well as the security responsibilities of the employees must be enhanced using innovative ideas.

Business continuity planning: All the operations of the business must be monitored after this attack. The identification of the disaster recovery plan can also be the most significant part of the business continuity plan. The network traffic of the organization must be identified during the business continuity plan. Professionally implemented backup files should be there to manage the essential statements of the business.

Q5) How GitHub’s incident recovery plan helped limit the downtime of this attack?
The set of instructions maintained in the working environment of this organization is very important for dealing with the threat that came from the DDoS attack. The Digital Forensics and Incident Response (DFIR) team maintained by GitHub helped gather evidence within seconds of this attack [2]. The Security Incident Response Team (SIRT) monitored the compromised internal systems and the other organizational assets of this organization.

Q6) Briefly describe the lessons learned from this DDOS attack.
Based on the above discussion, every organization should take all precautionary steps in order to deal with any kind of network security breach, such as a DDoS attack. The security policies of commercial organizations should be revised in order to deal with the innovative approaches taken by the social engineers during these attacks.

Q7) If any Australian organization or Australian business is infected with cyber-attacks, who is the main point of contact for these cyber security issues?
The authorized organization that looks after the cyber security issues of Australian organizations and Australian businesses is the national Computer Emergency Response Team (CERT). Threat pictures are identified by this organization according to the category of the business, and it also advises commercial enterprises on network security vulnerabilities.

Part 3- CASE STUDY:

To: Enter the name
From: Enter the name
CC: Enter the name
Date: 25.05.2019
Re: Importance of maintaining security measures in Queensland Law firm

Introduction
Data is considered an asset in most commercial organizations, such as the QLD law firm, and it faces network security threats such as DDoS and phishing emails [9]. Network security issues can have a significant impact on the productivity of commercial organizations. Scammers played a huge role in this security breach, as they manipulated the lawyers of this organization and obtained their login credentials [8]. After that, the scammers monitored all the activities of the firm, including the invoice requests.

Seriousness of the situation
The database administrator and the network administrators must monitor each of the activities that come in and out of this organization [7]. The top-level management team must be very serious about the security issues coming from social engineers and scammers, as they are bringing up new techniques such as manipulating the target using phone calls.

Highlight key breaches
During the security breach the scammers sent false messages referring to the scammers' false bank accounts; as a result, all the business transactions went into the hands of the scammers [6]. Thus, this security issue had an undesirable impact on the net profitability of the business.

Elaborate ITSec recommendations
Based on the security breach at the Queensland Law Society, the role of the network management team is very important, as they can help QLS understand the reason behind the security issues [10]. Each employee of this law firm should understand the importance of maintaining stronger alphanumeric passwords. The passwords should not be shared with anyone outside the organization [5]. It is also recommended that Multi-Factor Authentication (MFA) and Security Awareness Training (SAT) be adopted by this law firm, as they can enhance network security and the detection of any kind of unethical intrusion.

Conclusion
This memo can be very important for both the internal and the external stakeholders of this law firm in understanding the security concerns coming from the employees of the organization as well as from scammers. The employees of this law firm should not fall into the trap of phone calls coming from scammers. Essential data of this organization, such as the bank accounts of the stakeholders, credit card numbers and file storage, must be kept safe from the scammers so that the business growth of the law firm is maintained. The concept of social engineering must also be known to each of the stakeholders of this law firm, as it would help them deal with future security threats coming from both inside and outside the organization.
References
[1] Q. Chen and R.A. Bridges. Automated behavioral analysis of malware: A case study of wannacry ransomware. In 2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA) (pp. 454-460). IEEE, 2017.
[2] A. Alsadhan, A. Hussain, and M.M. Alani. Detecting NDP Distributed Denial of Service Attacks Using Machine Learning Algorithm Based on Flow-Based Representation. In 2018 11th International Conference on Developments in eSystems Engineering (DeSE) (pp. 134-140). IEEE, 2018.
[3] Z. Zhang, V. Vasavada, J. Lin, R. Siva, and K. Kesava. Producer-assisted pushback. Technical Report NDN-0065, NDN, Tech. Rep, 2018.
[4] O. Wennergren, M. Vidhall, and J. Sörensen. Transparency analysis of Distributed file systems: With a focus on InterPlanetary File System, 2018.
[5] R. Al Halaseh. Analyzing cybercrimes strategies: The case of phishing attack. In 2016 Cybersecurity and Cyberforensics Conference (CCC) (pp. 82-88). IEEE, 2016.
[6] B.B. Gupta, N.A. Arachchilage, and K.E. Psannis. Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommunication Systems, 67(2), pp. 247-267, 2018.
[7] N.A.G. Arachchilage and M.A. Hameed. Integrating self-efficacy into a gamified approach to thwart phishing attacks. arXiv preprint arXiv:1706.07748, 2017.
[8] A.K. Jain and B.B. Gupta. Comparative analysis of features based machine learning approaches for phishing detection. In 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom) (pp. 2125-2130). IEEE, 2016.
[9] D. Cotroneo, K. Pattabiraman and A. Pecchia. Guest Editors’ Introduction: Special Issue on Data-Driven Dependability and Security. IEEE Transactions on Dependable and Secure Computing, (6), pp. 913-914, 2016.
[10] T. Shcherbakova, M. Vergelis, and N. Demidova. Spam and phishing in Q3 2015. Kaspersky Labs, 2015.