Cybersecurity & Human Behavior: Analyzing Breaches & Interventions


Added on 2023/04/21

AI Summary
This report analyzes a cybersecurity breach at Watson's Widgets through the lens of the NIST cybersecurity framework, focusing on identification, protection, detection, response, and recovery. The breach involved social engineering tactics, including a disgruntled ex-employee and a ransomware attack initiated through a compromised USB drive and employee browsing habits. The report proposes interventions to mitigate such attacks, such as enhanced employee training, stricter access controls, and improved web filtering. Furthermore, it delves into the ethical and moral issues surrounding the use of human behavior analysis and modification techniques in cybersecurity, emphasizing the importance of balancing security measures with individual privacy and autonomy. The report concludes by underscoring the need for a holistic approach to cybersecurity that addresses both technical vulnerabilities and human factors.
Running head: HACKING THE HUMAN
Hacking the Human
Name of the Student
Name of the University
Author’s Note:
Table of Contents
Introduction .......... 2
Discussion .......... 2
Part 1: Analysis of the Breach .......... 2
Part 2: Proposed Interventions for Mitigating against the Attack .......... 7
Part 3: Ethical and Moral Issues for Using Human Behaviour Analysis and Modification Techniques .......... 14
Conclusion .......... 15
References .......... 16
Introduction
Cyber security, or computer security, is the protection of computer systems against damage to or theft of their hardware, software and electronic data (Von Solms and Van Niekerk 2013), and against any misdirection or disruption of the services they provide. This report discusses the case study of Watson’s Widgets: an analysis of the breach using the NIST framework, proposed interventions to mitigate such attacks, and the ethical and moral issues raised by using human behaviour analysis and modification techniques.
Discussion
Part 1: Analysis of the Breach
Brian Watson founded an engineering firm that is now run by his two sons, David and Robert. Janice joined recently as the Senior admin and PA of the company; she performs excellently and receives a generous salary. David and Robert are restructuring the business, including its manufacturing processes, since Brian had used traditional methods from the start. While overhauling the IT systems after introducing cyber security policies, they found significant discrepancies in the store, which were traced back to the store manager, Jamie Smith. They were therefore forced to sack Jamie, although, in deference to their father’s wishes, they allowed him to resign and work a week’s notice.
A week after Jamie’s resignation, Janice noticed a person wandering around the offices near the desk of a colleague who was on holiday. On reviewing the CCTV footage, the firm’s management realised that this person had been on the premises all morning. The employees who had spoken to him had been told that he was Sam, a new employee appointed by David. When the computer logs were checked, it emerged that a new admin account had been created and that the employees’ payroll records had been copied and then sold on the dark web. The investigation found that Jamie, during his last week at work, had made several posts on LinkedIn and Facebook and had been approached by Sam to share his employee ID and proximity pass, becoming involved in the illegal activity and obtaining £5,000.
The following week, as Janice was entering the office building, she found a USB drive on the ground. When she plugged it into her PC, files were copied and a ransomware attack followed: an image on screen demanded that a ransom be paid to decrypt the files. The organization was able to identify the point of infection and, using a decryptor tool, decrypt the files, but only after losing a full day’s business. It was found that a few workers on the shop floor were members of a Fantasy Football League and habitually visited a few web sites during their lunch break. One player had found a new site offering, and that site was the source of the ransomware attack.
The breach described above can be analysed with the help of the NIST cyber security framework (Shackelford et al. 2015). This framework provides a policy framework of computer security guidance for private sector organizations, so that they can assess and improve their ability to prevent, detect and respond to cyber attacks. It provides a high-level taxonomy of cyber security outcomes and a methodology for assessing and managing those outcomes. Later revisions added guidance on performing self-assessments, supply chain risk management, interaction with supply chain stakeholders and other topics (Abawajy 2014).
Figure 1: NIST Cyber Security Framework
(Source: Dunn Cavelty 2013)
The framework has five core functions: identification, protection, detection, response and recovery. They are described below:
i) Identification: The first aspect of the NIST framework is identifying the breach or issue (Shackelford et al. 2015). In this step the organization develops an understanding of how to manage cyber security risk to its systems, assets, data and capabilities. In this case study, the breach was identified when Janice found a pen drive after Jamie had resigned from work. When she inserted the pen drive into her system, the system was compromised and all the confidential data were encrypted, with a ransom demanded. This was a ransomware attack, and a proper risk management strategy was needed to reduce the risk (Shackelford et al. 2015). The attack also showed that the organization’s policies, processes and procedures for managing and monitoring its regulatory, risk, environmental, legal and operational requirements needed to be understood so that they could inform the management of cyber security risk. Janice was alarmed by the attack and informed senior management. David decrypted the encrypted files, and a whole day’s business was badly affected (Bada and Sasse 2014). Moreover, the attack affected the entire security posture of the engineering firm, and the organization’s mission, activities and objectives were disrupted.
ii) Protection: The second aspect of the NIST framework is protection (Shackelford et al. 2015). Here, appropriate safeguards are developed and implemented to ensure the delivery of critical infrastructure services. Data security is essential: records and information are managed in line with the organization’s risk strategy to protect the confidentiality, integrity and availability of data. Maintenance and repair of information system and industrial control components are performed consistently with established processes and policies (Ning, Liu and Yang 2013). Technical security solutions are also managed to ensure the security and resilience of systems and assets, consistent with related agreements, processes and policies. In the Watson’s Widgets case, the CEO, Rob, used a decryptor tool to decrypt the confidential files and data, and so was able to protect them. Furthermore, since the brothers were already restructuring the business, they could easily have changed their policies and procedures to give the systems and assets better protection.
iii) Detection: The third aspect of the NIST framework is effective detection of a cyber attack. Appropriate activities are developed and implemented to identify the occurrence of a cyber security event. Anomalies and events are detected in a timely manner and their potential impact is understood (Shackelford et al. 2015). Information systems and assets are monitored at discrete intervals to identify cyber security events and to verify the effectiveness of protective measures. Detection processes and procedures are maintained and tested to ensure adequate and timely awareness of anomalous events (Robinson et al. 2013). In the Watson’s Widgets case, the organization’s senior management, Rob, investigated and found the cause of the ransomware attack. Although Janice was initially blamed, the USB drive turned out to be clean and the true source of the infection was found. It was traced to a few shop-floor workers who were enthusiastic members of a Fantasy Football League and habitually visited related web sites during their lunch break. One of the players had found a new site offering enhancements to the game for a fee, and that web site turned out to be the source of the ransomware attack.
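The detection function is easier to see in concrete terms. The following is an added example, not code from the report or from Watson’s Widgets: it replays constructed audit events and flags the two signals present in the first part of the breach, an account that is created and made an administrator within a short window, and an account that reads payroll files in bulk. The event format, host names, paths, the user names and the thresholds are all assumptions made for illustration.

```python
"""Added example (not from the report): detection logic for the pattern seen in
the Watson's Widgets breach, a newly created account that is immediately made an
administrator and then reads payroll records in bulk. The audit lines, host
names, paths and thresholds below are constructed for illustration."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# One audit event per line: timestamp, event type, acting user, then optional fields.
EVENT_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<event>\S+)\s+user=(?P<user>\S+)"
    r"(?:\s+target=(?P<target>\S+))?(?:\s+group=(?P<group>\S+))?"
    r"(?:\s+host=(?P<host>\S+))?(?:\s+path=(?P<path>\S+))?\s*$"
)

# Constructed sample events (not real logs). "jsmith" stands for the store
# manager's credentials, which the intruder reused in the case study.
SAMPLE_EVENTS = [
    "2019-03-04T08:02:11 LOGON        user=jsmith host=WS-STORE-01",
    "2019-03-04T08:05:40 USER_CREATED user=jsmith target=svc-backup2",
    "2019-03-04T08:06:02 GROUP_ADD    user=jsmith target=svc-backup2 group=Administrators",
    "2019-03-04T08:30:15 LOGON        user=svc-backup2 host=FS-HR-01",
    r"2019-03-04T08:31:00 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2019-01.xlsx",
    r"2019-03-04T08:31:20 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2019-02.xlsx",
    r"2019-03-04T08:31:41 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2018-12.xlsx",
    r"2019-03-04T08:32:05 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2018-11.xlsx",
    r"2019-03-04T08:32:30 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2018-10.xlsx",
    r"2019-03-04T08:33:12 FILE_READ    user=svc-backup2 path=\\FS-HR-01\payroll\2018-09.xlsx",
    "2019-03-04T09:00:00 LOGON        user=janice host=WS-ADMIN-02",
    r"2019-03-04T09:01:10 FILE_READ    user=janice path=\\FS-ENG-01\drawings\widget-7.dwg",
]

SENSITIVE_PREFIXES = (r"\\FS-HR-01\payroll",)  # constructed: where payroll records live
NEW_ADMIN_WINDOW = timedelta(hours=24)         # creation -> admin faster than this is suspicious
BULK_READ_THRESHOLD = 5                        # this many sensitive files ...
BULK_READ_WINDOW = timedelta(minutes=10)       # ... inside this sliding window


def parse_event(line):
    """Parse one audit line into a dict, or return None for unparseable lines."""
    m = EVENT_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    return rec


def detect(lines):
    """Return a list of (alert_kind, account, detail) tuples, in time order."""
    events = [e for e in (parse_event(l) for l in lines) if e]
    events.sort(key=lambda e: e["ts"])
    alerts = []
    created = {}                    # new account -> (creating user, creation time)
    sensitive_reads = defaultdict(list)  # account -> timestamps of sensitive reads
    for e in events:
        if e["event"] == "USER_CREATED":
            created[e["target"]] = (e["user"], e["ts"])
        elif e["event"] == "GROUP_ADD" and e["group"] == "Administrators":
            if e["target"] in created:
                creator, t0 = created[e["target"]]
                if e["ts"] - t0 <= NEW_ADMIN_WINDOW:
                    alerts.append(("PRIV_ESC_NEW_ACCOUNT", e["target"],
                                   f"created by {creator} and made admin after {e['ts'] - t0}"))
        elif e["event"] == "FILE_READ" and e["path"].startswith(SENSITIVE_PREFIXES):
            window = sensitive_reads[e["user"]]
            window.append(e["ts"])
            # Drop reads that have fallen out of the sliding window.
            while window and e["ts"] - window[0] > BULK_READ_WINDOW:
                window.pop(0)
            # Fire once, when the threshold is first crossed.
            if len(window) == BULK_READ_THRESHOLD:
                alerts.append(("BULK_SENSITIVE_READ", e["user"],
                               f"{len(window)} payroll files read within {BULK_READ_WINDOW}"))
    return alerts


if __name__ == "__main__":
    for kind, account, detail in detect(SAMPLE_EVENTS):
        print(f"{kind:<22} {account:<12} {detail}")
```

The first rule would have flagged the admin account that Sam created before any payroll file was touched; the second catches the copying itself even if the account creation was missed, which is why a detection process keeps more than one independent signal for the same attack path.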
iv) Response: The fourth function of the NIST framework is response. Appropriate activities are developed and implemented to take action on a detected cyber security event (Shackelford et al. 2015). Response plans, processes and procedures are executed and maintained to ensure a timely response to detected events. Response activities are coordinated with internal and external stakeholders, including external support from law enforcement agencies. Analysis is conducted to ensure an adequate response and to support recovery activities (McGraw 2013). In the Watson’s Widgets case, a proper response analysis should be conducted to ensure adequate support for the response and recovery activities. Mitigation activities are performed to prevent the event from spreading, to limit its effects and to eradicate the incident. Response activities are also improved by incorporating lessons learned from previous detection and response activities (Sommestad, Ekstedt and Holm 2013). Several distinct response activities exist for communicating about and detecting cyber security events.
v) Recovery: The fifth and final function of the NIST framework is recovery (Shackelford et al. 2015). Appropriate activities are developed and implemented to maintain plans for resilience and to restore any capabilities or services impaired by a cyber security event. Recovery planning is executed and maintained to ensure timely restoration of the systems and assets affected. Restoration activities are coordinated with internal and external parties, such as the owners of attacking systems, Internet Service Providers and coordinating centres (Ashok, Hahn and Govindarasu 2014). In the Watson’s Widgets case, the engineering firm recovered from the ransomware attack by decrypting the files with a decryptor tool; after the loss of one day’s business, the confidential data and files were fully recovered.
Part 2: Proposed Interventions for Mitigating against the Attack
Ransomware is a subset of malware in which the data on a victim’s system is locked, usually by encryption, and payment is demanded before the ransomed data is decrypted (Amin et al. 2013). After decryption, access is returned to the victim. The motive for this type of attack is almost always monetary, and unlike other attacks, the victim is notified that an exploit has occurred and is given instructions for recovering from it. Payment is demanded in a virtual currency such as Bitcoin so that the identity of the cyber criminal remains unknown. Ransomware can spread through infected software applications, compromised web sites, infected external storage devices and malicious email attachments (Ben-Asher and Gonzalez 2015). A growing number of attacks have used remote desktop protocols or other approaches that do not depend on any form of user interaction. The malware may also change the victim’s login credentials for computing devices, and files may be encrypted on the infected device or on any other connected network device (Elmaghraby and Losavio 2014). The best known ransomware attacks were CryptoLocker and WannaCry.
Ransomware, then, is a type of malware that encrypts data in order to block access to it until a fee is paid to the attacker. Even where hype has been used to overstate the real risk, ransomware has evolved, spread and grown more sophisticated in response to efforts to defend against it (Sou, Sandberg and Johansson 2013). Several high-profile ransomware attacks have taken place in the last few years amid a growing tide of threats; according to the NIIT Security Report, ransomware volumes increased by more than 350% in 2017. Security professionals tasked with safeguarding company data should keep ransomware on their radar, and it is vital to take some major steps to mitigate this threat. Prevention is always better than cure; however, no security system is perfect, so it pays to prepare for the worst by creating a recovery plan.
Cyber security is extremely important for mitigating any kind of ransomware attack. The field is growing rapidly because of the increasing reliance on computer-based systems, wireless networks such as Wi-Fi and Bluetooth, and the Internet (Choucri, Madnick and Ferwerda 2014). With the growth of smart devices such as televisions and smart phones, the Internet of Things and other small technology-based devices, cyber security is indispensable, and because of its complexity it is considered one of the most important challenges in the world. Security consists of physical security and cyber security, both of which enterprises use to protect against unauthorized or unauthenticated access to their data centres and computerized systems. Information security is designed to maintain the confidentiality, integrity and availability (CIA) of information and is a major subset of cyber security. Cyber security requires the coordinated management of efforts within an information system (Sou, Sandberg and Johansson 2013). Its major elements are information security, application security, end user education, disaster recovery, operational security, network security and business continuity planning.
In the Watson’s Widgets case, Janice and the engineering firm could easily have prevented these ransomware attacks. Some prevention strategies against ransomware are given below:
i) Security Awareness Training: The first and most important prevention strategy against ransomware is security awareness training (Knowles et al. 2015). There are several basic ways in which ransomware can get into a network, but one of the most likely is a phishing attack. When an employee unwittingly clicks or taps on a link, or opens a malicious email attachment, the ransomware can gain a foothold on the system and then spread rapidly through the network. Janice’s engineering firm should launch a proper security awareness training programme to reduce the threat of employee error leading to a ransomware infection. Since one of the employees accessed an unsafe web site called enhancements, security awareness training is important (Wang and Lu 2013). Had such training been in place, the employee would not have accessed that web site and the issue would not have arisen. This is therefore one of the most popular and noteworthy strategies for reducing ransomware attacks.
ii) Updates, Configuration and Patches: The second vital prevention strategy against ransomware is proper updates, patches and configuration. Good endpoint security hygiene is essential to preventing ransomware. Attackers look for misconfigurations and vulnerabilities that they can exploit to gain access to the network (Amin et al. 2013). A single unsafe system on the network makes it much easier for an attacker to gain access to confidential data and spread further. The organization must ensure that its systems and devices are kept up to date with the latest security patches, and it should not leave default configurations in place, so that the attacker has no opening.
iii) Up to Date Asset Inventory: The next prevention strategy is to keep an up-to-date asset inventory (Dunn Cavelty 2013). If the potential victim does not know which devices are legitimately connected to its public or private clouds, it cannot recognise or prevent attacks. A real-time overview of every device on the network is required, together with a clear understanding of the permissions granted to each device and its user. Internet of Things devices are considered one of the most popular targets (Kott 2014). In the Watson’s Widgets case, Rob and David should have thought about protecting their systems and devices earlier, so that such an issue would not have occurred.
iv) Continuous Vulnerability Assessment: Another effective strategy against ransomware is continuous vulnerability assessment (Halevi, Lewis and Memon 2013). Cyber criminals take the path of least resistance, and ransomware attacks exploit every known vulnerability in popular software. The organization needs a security system that is updated with each new vulnerability disclosure, and this data should be cross-checked against the network to ensure that no easy route is being offered. Continuous vulnerability assessment also helps to identify any discrepancy early and stop it from spreading (Buczak and Guven 2016). Rob and David were able to identify the vulnerability only after the attack had taken place; had continuous vulnerability assessment been in place, they could have identified the ransomware risk beforehand.
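Strategies ii), iii) and iv) above are one loop in practice: an inventory of what is authorised, a comparison of that inventory against what is actually on the network, and a cross-check of each device’s software against a patch baseline and the latest vulnerability disclosures. The following is an added example, not code from the report or from the firm; the inventory, the observed devices, the version numbers, the baseline and the “known vulnerable” list are all constructed placeholders.

```python
"""Added example (not from the report): reconcile an authorised asset inventory
against devices observed on the network, then cross-check each authorised
device's software versions against a patch baseline and a list of versions
known to be vulnerable. Every value below is a constructed placeholder."""
from dataclasses import dataclass, field


@dataclass
class Asset:
    hostname: str
    mac: str
    owner: str
    role: str                                    # "office", "shop-floor", "server"
    software: dict = field(default_factory=dict)  # product -> installed version


# Constructed authorised inventory (the "what should be here" list).
INVENTORY = [
    Asset("WS-ADMIN-02", "aa:bb:cc:00:00:02", "janice", "office",
          {"os": "10.0.17763", "browser": "72.0"}),
    Asset("WS-SHOP-07", "aa:bb:cc:00:00:07", "shop-floor", "shop-floor",
          {"os": "10.0.15063", "browser": "65.0"}),
    Asset("FS-HR-01", "aa:bb:cc:00:01:01", "it", "server",
          {"server-os": "6.3.9600", "smb": "1.0"}),
]

# Constructed observations, as a DHCP lease table or switch MAC table would give them.
OBSERVED = {
    "aa:bb:cc:00:00:02": "10.0.1.12",
    "aa:bb:cc:00:00:07": "10.0.2.57",
    "aa:bb:cc:00:01:01": "10.0.0.5",
    "de:ad:be:ef:00:01": "10.0.1.99",   # not in the inventory, e.g. a visitor's laptop
}

# Constructed patch baseline: minimum acceptable version per product.
BASELINE = {"os": "10.0.17763", "browser": "70.0", "server-os": "6.3.9600"}
# Constructed advisory feed: product -> versions reported as actively exploited.
KNOWN_VULNERABLE = {"smb": {"1.0"}}


def version_tuple(version):
    """'10.0.17763' -> (10, 0, 17763) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))


def unknown_devices(inventory, observed):
    """Devices seen on the network that no inventory entry accounts for."""
    known = {asset.mac for asset in inventory}
    return {mac: ip for mac, ip in observed.items() if mac not in known}


def missing_devices(inventory, observed):
    """Inventoried devices that were not seen (stolen, offline, or stale records)."""
    return [asset.hostname for asset in inventory if asset.mac not in observed]


def patch_findings(inventory, baseline, vulnerable):
    """(hostname, product, installed, reason) for every version below baseline
    or listed in the advisory feed; a version can yield both reasons."""
    findings = []
    for asset in inventory:
        for product, installed in asset.software.items():
            if product in baseline and version_tuple(installed) < version_tuple(baseline[product]):
                findings.append((asset.hostname, product, installed,
                                 f"below baseline {baseline[product]}"))
            if installed in vulnerable.get(product, set()):
                findings.append((asset.hostname, product, installed, "known vulnerable"))
    return findings


def summary(inventory, observed, baseline, vulnerable):
    """Group findings per host so the patching queue can be worked top-down."""
    per_host = {}
    for hostname, product, installed, reason in patch_findings(inventory, baseline, vulnerable):
        per_host.setdefault(hostname, []).append(f"{product} {installed}: {reason}")
    return {
        "unknown_devices": unknown_devices(inventory, observed),
        "missing_devices": missing_devices(inventory, observed),
        "patch_findings": per_host,
    }


if __name__ == "__main__":
    report = summary(INVENTORY, OBSERVED, BASELINE, KNOWN_VULNERABLE)
    for key, value in report.items():
        print(f"{key}: {value}")
```

Running the same reconciliation on every DHCP refresh or advisory update is what turns a one-off audit into the continuous assessment the text recommends; the unknown-device list is the part that would have surfaced an unfamiliar laptop on the office network, and the per-host findings show the shop-floor browsing machine as the weakest endpoint.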
v) Real Time Traffic Monitoring: The next prevention strategy against ransomware is real-time traffic monitoring (Hong, Liu and Govindarasu 2014). Much attention is paid to filtering and blocking inbound connections, but the same should be done for outbound connections. Ransomware that gains access will dial home for further instructions; if its initial outbound attempts to connect to the attacker’s server are blocked, the victim can stop the attack before it gets off the ground. Suspicious traffic in either direction must be flagged automatically and alerts generated for further investigation (Wells et al. 2014). Such real-time monitoring would have been extremely valuable to David and Rob for tracking what Jamie had done in the workplace.
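The outbound side of that monitoring can be shown on log lines. The following is an added example, not code from the report or from the firm: it replays constructed firewall log lines and raises an alert when a host uses an outbound port its group is not permitted to use (whether or not the firewall already blocked it), and when a host connects to the same destination at regular intervals, which is how a “dial home” for instructions looks from the network. The log format, the host groups, the egress policy, the addresses and the thresholds are assumptions.

```python
"""Added example (not from the report): flag suspicious outbound connections in
constructed firewall log lines. Real-time monitoring is simulated by replaying
the lines in order. Hosts, addresses, policy and thresholds are constructed."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<action>ALLOW|DENY)\s+(?P<dir>OUT|IN)\s+src=(?P<src>\S+)"
    r"\s+dst=(?P<dst>[^:\s]+):(?P<port>\d+)\s+proto=(?P<proto>\S+)\s*$"
)

# Constructed egress policy: destination ports each host group may use outbound.
EGRESS_POLICY = {
    "shop-floor": {80, 443},
    "office": {80, 443, 25, 587},
}
HOST_GROUPS = {"10.0.2.57": "shop-floor", "10.0.2.58": "shop-floor", "10.0.1.12": "office"}

# Constructed sample log (documentation address ranges, not real destinations).
SAMPLE_LOG = [
    "2019-03-11T12:03:01 ALLOW OUT src=10.0.2.57 dst=203.0.113.10:443 proto=tcp",
    "2019-03-11T12:03:05 ALLOW OUT src=10.0.2.57 dst=198.51.100.23:443 proto=tcp",
    "2019-03-11T12:04:05 ALLOW OUT src=10.0.2.57 dst=198.51.100.23:443 proto=tcp",
    "2019-03-11T12:05:05 ALLOW OUT src=10.0.2.57 dst=198.51.100.23:443 proto=tcp",
    "2019-03-11T12:06:05 ALLOW OUT src=10.0.2.57 dst=198.51.100.23:443 proto=tcp",
    "2019-03-11T12:06:30 DENY  OUT src=10.0.2.57 dst=198.51.100.23:4444 proto=tcp",
    "2019-03-11T12:07:00 ALLOW OUT src=10.0.1.12 dst=192.0.2.7:587 proto=tcp",
]


def parse(line):
    """Parse one firewall line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    rec["port"] = int(rec["port"])
    return rec


def policy_violations(records):
    """Outbound connections to ports outside the source host group's policy.
    A DENY is still reported: a blocked attempt is the early warning the text describes."""
    alerts = []
    for r in records:
        if r["dir"] != "OUT":
            continue
        group = HOST_GROUPS.get(r["src"], "unknown")
        if r["port"] not in EGRESS_POLICY.get(group, set()):
            alerts.append(("EGRESS_POLICY_VIOLATION", r["src"], f"{r['dst']}:{r['port']}",
                           f"{group} host, firewall action {r['action']}"))
    return alerts


def beacons(records, min_hits=4, jitter=timedelta(seconds=5), min_period=timedelta(seconds=30)):
    """Same source -> same destination at near-constant intervals."""
    by_pair = defaultdict(list)
    for r in records:
        if r["dir"] == "OUT":
            by_pair[(r["src"], f"{r['dst']}:{r['port']}")].append(r["ts"])
    alerts = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        # Regular spacing (low jitter) with a period too long for ordinary page loads.
        if max(gaps) - min(gaps) <= jitter and min(gaps) >= min_period:
            alerts.append(("BEACONING", src, dst,
                           f"{len(times)} connections every ~{gaps[0].total_seconds():.0f}s"))
    return alerts


def analyze(lines):
    """Return all alerts for a batch of log lines (policy violations first)."""
    records = [r for r in map(parse, lines) if r]
    return policy_violations(records) + beacons(records)


if __name__ == "__main__":
    for kind, src, dst, detail in analyze(SAMPLE_LOG):
        print(f"{kind:<24} {src:<10} -> {dst:<22} {detail}")
```

The shop-floor host’s lunchtime browsing to port 443 passes the policy check, so the two alerts come from behaviour rather than from the destination being on a block list: a port the shop floor has no business using, and a once-a-minute heartbeat to a single address. Both fire before any file is encrypted, which is the point of watching the outbound direction.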