Security Principles Case Study 2022

Consider how the three trends discussed in the CommBank report could impact a University and discuss potential mitigations for each of these trends.

6 Pages893 Words25 Views

Added on 2022-09-26

Security Principles Case Study 2022

Consider how the three trends discussed in the CommBank report could impact a University and discuss potential mitigations for each of these trends.

Added on 2022-09-26

Related Documents

Running head: SECURITY PRINCIPLES
Security Principles
Name of the Student
Name of the University
Author’s Note

1SECURITY PRINCIPLES
Question 1
Collaboration with industry leads to malware takedown
The 3ve software infected more than 700,000 computer system with advertising malware,
forcing affected machines to visit counterfeit sites where fake advertisement money was created
by the 3ve developers. In a related case of malware proliferation, Google found November that
13 applications contained malware in the Android App Store. The applications have been
deleted, but have already been downloaded 560,000 times in total. This can cause the data breach
to the infected system and can remove or access all the sensitive and confidential data of the
users.
For preventing the attack, the organizations must ensure that the organizations have a
stable antivirus installed and that this is maintained up to date. The organizations must educate
workers against clicking on links, installing applications or visiting unfamiliar websites that
could contain malware
Data breaches continue to snowball
There could be inability to identify and investigate data violations also have wide-ranging
implications. The breach of Marriott in December, which could affect guests up to 500m14 who
made the reservation at the Starwood hotel, ranks among the largest data breaches reported,
aggravated by the degree of time that attackers could have access to the devices or system. For
preventing such attack, the organization should educate the senior executives and the board
about increasing regulatory and public attention on data security and the possible consequences
of a violation for your company. The organization must give training to the staffs about the best
practices and policies of password and the phishing attack.

2SECURITY PRINCIPLES
China accused of global hacking campaign
In 2018, the US Department of Justice charged two of the Chinese nationals with
potentially belonging to the hacking organization known as the Advanced Persistent Threat
10. In an operation that spanned the world and lasted many years, the organization is believed to
have threatened private businesses and government departments for access to the intellectual
property and this could cause the loss of the intellectual property of the organization. For
preventing such attack, organization should ensure that the data is transmitted over encrypted
networks in the event that it falls into the wrong hands. They should keep up-to-date with
the hardware threat reports and be prepared to upgrade computers if necessary.
Question2
The three phishing emails, which were used during the campaign using the ontological
model, are:
9 November 2018
The campaign for the hacker began with the spearphishing email sent to the senior staff
member's mailbox. The hacker also obtained access to the schedule of senior staff member’s
details which was used in the hacker's effort to launch further spearphishing attacks.
25-26 of November
The hacker used spearphishing emails to begin the second attempt
for obtaining credentials. This email entitled "invitation" has been sent to one external email
address. Some of these emails tend to be experiments to determine if the mail filters will block
spearphishing emails from the perpetrator. This spearphishing attempt resulted in

End of preview

Want to access all the pages? Upload your documents or become a member.

Preventing Social Engineering Attacks in IT Networking Designing

|779

|218

Cyber-Security: Phishing, Spear Phishing, Ransomware, Scareware and Enterprise Information Security

|11

|1381

|117

Analysis of Security Issues

|1303

|286

Preventive Measures and Vulnerabilities in Computer Accounting System

|751

|102

Malware Attack Report: Zenith Stock Exchange

|15

|1137

|222

Cybercrime: Types of Scams, Laws, and Penalties

|1753

|341

Security Principles Case Study 2022

Security Principles Case Study 2022

End of preview

Preventing Social Engineering Attacks in IT Networking Designinglg...

Cyber-Security: Phishing, Spear Phishing, Ransomware, Scareware and Enterprise Information Securitylg...

Analysis of Security Issueslg...

Preventive Measures and Vulnerabilities in Computer Accounting Systemlg...

Malware Attack Report: Zenith Stock Exchangelg...

Cybercrime: Types of Scams, Laws, and Penaltieslg...

Preventing Social Engineering Attacks in IT Networking Designing

Cyber-Security: Phishing, Spear Phishing, Ransomware, Scareware and Enterprise Information Security

Analysis of Security Issues

Preventive Measures and Vulnerabilities in Computer Accounting System

Malware Attack Report: Zenith Stock Exchange

Cybercrime: Types of Scams, Laws, and Penalties