Australian National University Security Principles Report


Added on  2022/09/14

Report
AI Summary
This report analyzes security principles, focusing on extended validation (EV) certificates and their evolving role in web security. It discusses the advantages and disadvantages of changes in browser behavior regarding EV certificates, considering the perspectives of various stakeholders. The report then delves into a case study of the Australian National University (ANU) data breach, describing the incident using the MITRE ATT&CK framework and the ACSC threat lifecycle to provide a comprehensive understanding of the attack. It examines the characteristics of the incident, including the attackers' motivations, the type of attack (spear phishing), and the data compromised, with references to relevant statistics from the Verizon Data Breach Investigations Report. The analysis covers credential theft, infrastructure compromise, and data exfiltration, offering insights into the attack's impact and the importance of robust cybersecurity measures.
Running head: SECURITY PRINCIPLES
SECURITY PRINCIPLES
Name of the Student
Name of the University
Author Note
Discussions
Week 3
Extended validation certificates are a new kind of SSL certificate intended to give users
more confidence in who the website owner is and that the owner controls the website (Callan
and Bailey 2019). They are important because they provide assurance to end users about the
identity of the organization.
The advantages of the change in browser behaviour are:
- It increases the trust of clients
- It ensures the integrity of the websites' data
- It boosts the search engine optimization rank of the websites
- It establishes the legal ownership of a website
The disadvantages of the change in browser behaviour include:
- It gives rise to various technical complications in the websites
- Mobile configuration is not easy
- The change in browsers consumes a large amount of resources
- The change in behaviour of the websites reduces their loading speed
- It does not provide warning messages to visitors when SSL is configured and the site
  migrates to HTTPS
Week 4
2) The MITRE ATT&CK framework is a comprehensive matrix of tactics; these are the methods
used by threat hunters, defenders and red teamers to categorize attacks and evaluate the
risk of an organization. Various organizations can
utilise the framework to recognise the vulnerabilities in their defences and then
prioritize them based on the risk to the organization (Strom et al. 2018).
Using the MITRE ATT&CK framework, the attack employed against the Australian National
University is classified as spear phishing. In the incident, the attacker sent emails in
order to obtain credentials and then attacked the web server of the company. The web server
was compromised and, by getting access to the legacy infrastructure, the attacker gained
access to the main network of the University. The second spear phishing email was sent in
order to obtain the credentials of the files (Broadhurst et al. 2018). The attacker got hold
of one of the user credentials and used it to access the ESD files of the university. After
that, the attacker sent the third spear phishing email. The mail disabled the ability of the
spam filter to detect the malicious emails. The third phishing attack got hold of the
credentials of one of the administrators, but the university implemented a firewall that cut
off the attack from the first workstation of the University. After that, the attacker sent
the fourth email, which compromised handfuls of privileged accounts, but the staff of the
University removed the attack. With these attacks, the hacker was able to scan the web
server of the University, and this led to an intrusion attack. The attempt was an intrusion
attack, but it was unsuccessful (Broadhurst et al. 2017). The University should have used
the MITRE framework to identify the holes in its security and then stop these attacks.
ACSC stands for Advanced Cyber Security Centre, a non-profit, member-driven organization
committed to strengthening cyber security defences and preparing the region's response to
large-scale cyber threats. The ACSC threat lifecycle is identify, defend, detect, respond
and then recover (Lin et al. 2018). The Australian National University should have used this
lifecycle to protect the assets of the company. The University should have identified the
malicious mail when it was first sent by
the attacker. The mail led to access to its assets and to the important information of the
students and the employees. After two attacks they detected the phishing, implemented a
firewall, and workstation one of the University was recovered. The attacker tried an
intrusion attack but was not successful with it, and the company could recover most of the
files that were accessed. The University must follow the ACSC threat lifecycle in order to
mitigate these attacks.
3) The attack was characterised as spear phishing, which is a type of phishing attack.
There was credential theft, the infrastructure of the university was compromised and data
of the university was stolen. The motivation of the attackers was to steal the data of the
university and damage the infrastructure of the company (Ho et al. 2017). The type of attack
was a phishing attack: the attacker sent malicious emails to the university, through which
he could obtain the credentials of the administrators, and accessed the web server of the
university. The data that was compromised includes the data of the students and the
employees. The credentials of the administrators and the databases were compromised, and
the ESD files were accessed.
In the Verizon data breach, 6 million customer accounts were exposed. The data that was
breached included addresses, names, phone numbers, account information and the PIN codes of
the customers (Enterprise 2016).
References
Broadhurst, R., Skinner, K., Sifniotis, N., Matamoros-Macias, B. and Ipsen, Y., 2018.
Phishing and Cybercrime Risks in a University Student Community. Available at SSRN
3176319.
Broadhurst, R., Woodford-Smith, H., Maxim, D., Sabol, B., Orlando, S., Chapman-Schmidt,
B. and Alazab, M., 2017. Cyber Terrorism: Research Review: Research Report of the
Australian National University Cybercrime Observatory for the Korean Institute of
Criminology. Available at SSRN 2984101.
Callan, T. and Bailey, C., 2019. Changes to extended validation indicators put users at
risk. Network Security, 2019(12), pp.6-8.
Enterprise, V., 2016. Data breach investigations report. URL:
www.verizonenterprise.com/resources/reports/rp_DBIR_2016_Report_en_xg.pdf.
Ho, G., Sharma, A., Javed, M., Paxson, V. and Wagner, D., 2017. Detecting credential
spearphishing in enterprise settings. In 26th USENIX Security Symposium (USENIX
Security 17) (pp. 469-485).
Lin, P., Li, T., Liu, X., Zhao, H., Yang, J. and Zhu, F., 2018, June. An Immunity-Based
Security Threat Detection System for Cyberspace Digital Virtual Assets. In International
Conference on Cloud Computing and Security (pp. 601-611). Springer, Cham.
Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G. and Thomas,
C.B., 2018. MITRE ATT&CK: Design and philosophy. MITRE Product MP, pp.18-0944.