logo

IT Security Management

Investigate and discuss the appropriate design and secure solutions for varieties of organisations, implement a process to support the administration and the management of organisations’ security, conduct practical investigations into network systems including industry procedures of information gathering, vulnerability identification, exploitation and privilege escalation.

8 Pages1563 Words201 Views
   

Added on  2023-04-04

About This Document

This document provides information on IT Security Management, including research on network attacks, the GitHub DDoS attack, and cyber security breaches. It discusses the impact of these attacks and provides mitigation options and incident response planning.

IT Security Management

Investigate and discuss the appropriate design and secure solutions for varieties of organisations, implement a process to support the administration and the management of organisations’ security, conduct practical investigations into network systems including industry procedures of information gathering, vulnerability identification, exploitation and privilege escalation.

   Added on 2023-04-04

ShareRelated Documents
Running head: IT SECURITY MANAGEMENT
IT Security Management
Name of the student:
Name of the university:
Author Note:
IT Security Management_1
1IT SECURITY MANAGEMENT
Table of Contents
Part 1 Research of Network Attacks......................................................................................................2
Part 2 GitHub DDoS attack.....................................................................................................................3
Part 3 MEMO.........................................................................................................................................5
References.............................................................................................................................................6
IT Security Management_2
2IT SECURITY MANAGEMENT
Part 1 Research of Network Attacks
Name of the attack: WannaCry Cyber Attack
Type of the attack: Ransomware Attack
Dates of Attack: 12th May 2017, Friday
Organization or computers affected: The effects initially occurred in Asia, infecting at about
230,000 computers in all over 150 countries. The
countries that were mostly affected are Ukraine, Russia,
Taiwan as well as India. The largest agency affected by
this attack is the National Health Service hospitals in the
countries of Scotland and England.
How it works and what it did:
The infection was initially caused due to the exposed vulnerable port of SMB, but at the
initial time, it was assumed that the cause was email phishing. It targeted the computers of the
various organizations that did not updated their Microsoft OS security from April 2017. The
computers were at high risk that were running on the unsupported versions of the operating
system that is Microsoft Windows [1]. The computers that were running on the OS like Windows
XP or Windows Server 2003 are depicted to be at high risk, as these systems did not updated their
security patches since April 2014.
Mitigation Options:
There are certain options regarding the mitigation of the ransomware attack. These are
stated as follows:
Encryption of Data: The data is to be encrypted for the attackers so that they cannot be
breached regarding this type of attack.
The emergence of the BITCOIN is a significant factor regarding this type of attacks. Hence
the governing body must anonymously look into the security of the BITCOINS.
Proper backup of the data is to be maintained in the server for the restriction of data loss
[2].
The system level protection of the server is to be maintained for blocking the ransomware
in the system level that will reduce the vulnerabilities of the information security.
References
[1] S. Mohurle and M. Patil. A brief study of wannacry threat: Ransomware attack 2017.
International Journal of Advanced Research in Computer Science, 8(5) , 2017
[2] S.K. Sahi,. A Study of WannaCry Ransomware Attack. International Journal of Engineering
IT Security Management_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
IT Security: WannaCry Ransomware Attack
|12
|3038
|37

IT Security Management
|12
|2958
|324

Information Security Management
|9
|2715
|98

Ransomware Attacks: WannaCry and NotPetya
|10
|1871
|366

Wannacry: A Cyber-Warfare in Modern Times
|11
|2953
|469

The WannaCry Ransomware: Concept, Impact, and Response
|13
|774
|175