Computer Security: WannaCry, Company Assets, and Risk Register
VerifiedAdded on 2022/08/12
|15
|2875
|18
Report
AI Summary
This report provides a comprehensive analysis of computer security, focusing on the WannaCry ransomware attack and its impact. It details the technical aspects of WannaCry, including its method of propagation and the vulnerabilities it exploited, such as the EternalBlue exploit and the Server Message Block (SMB) protocol. The report assesses various company assets, including employee skills, software, hardware, and data, and evaluates potential threats to these assets using a risk register. It identifies key risks such as virus attacks, hardware failures, and data breaches, and proposes corresponding security measures. Furthermore, the report suggests enhancements to the Acceptable User Policies (AUPs), including monitoring network devices, ensuring device compatibility, and upholding data security and privacy. The analysis underscores the importance of proactive security measures to mitigate the risks associated with cyber threats and protect company assets.
Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of the Student:
Name of the University:
Author note:
COMPUTER SECURITY
Name of the Student:
Name of the University:
Author note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1COMPUTER SECURITY
Part A: WannaCry
(1) WannaCry is a Cryptoworm and Ransomware virus. This only attacks the computer
system running on the Microsoft windows. The devastating effect of the virus encrypts all
the information in the system which then becomes in accessible by the authentic users as
well. For the hackers to act on a system with the WannaCry virus, all he or she has to do
is to convince the user in downloading a malicious file which just by opening causes the
encryption of all the data and information in the system within three seconds, making it
completely invincible in terms of stopping the attack (Mohurle and Patil 2017). In order
to give the key to the encryption back, a high ransom is demanded from the company
using the operating system by the hackers.
(2) Within just days of its discovery, it was successful in affecting thousands of systems in
150 countries across the globe. It has a huge impact on global economy. A sum of around
$ 4 Billion loss was suffered by the companies across the world. Not only that, the
systems crippled instantly without any ones knowledge making it one of the toughest
thing to stop. As mentioned earlier, the time taken for the whole thing to affect the device
or the system is only three seconds, which is too less to prevent any attack in the world.
Even after 3 years of the alleged incident, we are still under a continuous threat of the
WannaCry virus (Martin et al. 2018).
(3) United States National Security Agency developed EternalBlue. This is one of the cyber-
attack developed by the NSA was leaked by a group of hackers named Shadow Brokers
on the 14th of April, 2017. Based on this cyber-attack technique, the WannaCry was
developed. The leaked technique of the NSA was weaponized by the hackers for their
benefits. Microsoft released the patches for Eternalblue to enhance the information
Part A: WannaCry
(1) WannaCry is a Cryptoworm and Ransomware virus. This only attacks the computer
system running on the Microsoft windows. The devastating effect of the virus encrypts all
the information in the system which then becomes in accessible by the authentic users as
well. For the hackers to act on a system with the WannaCry virus, all he or she has to do
is to convince the user in downloading a malicious file which just by opening causes the
encryption of all the data and information in the system within three seconds, making it
completely invincible in terms of stopping the attack (Mohurle and Patil 2017). In order
to give the key to the encryption back, a high ransom is demanded from the company
using the operating system by the hackers.
(2) Within just days of its discovery, it was successful in affecting thousands of systems in
150 countries across the globe. It has a huge impact on global economy. A sum of around
$ 4 Billion loss was suffered by the companies across the world. Not only that, the
systems crippled instantly without any ones knowledge making it one of the toughest
thing to stop. As mentioned earlier, the time taken for the whole thing to affect the device
or the system is only three seconds, which is too less to prevent any attack in the world.
Even after 3 years of the alleged incident, we are still under a continuous threat of the
WannaCry virus (Martin et al. 2018).
(3) United States National Security Agency developed EternalBlue. This is one of the cyber-
attack developed by the NSA was leaked by a group of hackers named Shadow Brokers
on the 14th of April, 2017. Based on this cyber-attack technique, the WannaCry was
developed. The leaked technique of the NSA was weaponized by the hackers for their
benefits. Microsoft released the patches for Eternalblue to enhance the information
2COMPUTER SECURITY
security, but the tool was already in use by the hackers which affected the entire
European companies and other Middle Eastern country’s companies as well.
(4) The Server Message Block or the SMB protocol was mainly exploited by EternalBlue by
NSA which when leaked was also misused by the infamous Ransomware- WannaCry.
This immediately stopped the access of the authentic users around the world form
accessing their information. The entire systems crippled in companies and other
institutions. All though the patch was immediately delivered by the Microsoft
Corporation which helped in fixing the issues to a certain extent (Mattei 2017).
(5) The CVE number for the issues related to EternalBlue is CVE-2017-1044. CVE Stands
for Common Vulnerabilities and Exposure.
CVE-2017-18346 for the SQL injection vulnerabilities, Fix Information, Vulnerable
Software Versions, SCAP Mapping and others.
CVE-2017-18601for CPE Information, Vulnerable Software Versions, CVSS Severity
Rating.
CVE-2018-6318 for the Sophos Tester Tool 2.2.0.7 for testing exploit software, hijacking
attack, and similar.
CVE-2018-19589 for the Incorrect Access Controls of the Security Officer.
CVE-2017-18362 for the management of the IT integration for the Kaseya VSA. This is a
vulnerability that is operated from the remote access and allows the attacker to access the
databases directly without any hindrance.
(6) Apart from the NHS (National Health Security USA), there are numerous organizations
that were affected by the WannaCry which includes some of the infamous companies as
well. the list of the companies are given in the section below:
security, but the tool was already in use by the hackers which affected the entire
European companies and other Middle Eastern country’s companies as well.
(4) The Server Message Block or the SMB protocol was mainly exploited by EternalBlue by
NSA which when leaked was also misused by the infamous Ransomware- WannaCry.
This immediately stopped the access of the authentic users around the world form
accessing their information. The entire systems crippled in companies and other
institutions. All though the patch was immediately delivered by the Microsoft
Corporation which helped in fixing the issues to a certain extent (Mattei 2017).
(5) The CVE number for the issues related to EternalBlue is CVE-2017-1044. CVE Stands
for Common Vulnerabilities and Exposure.
CVE-2017-18346 for the SQL injection vulnerabilities, Fix Information, Vulnerable
Software Versions, SCAP Mapping and others.
CVE-2017-18601for CPE Information, Vulnerable Software Versions, CVSS Severity
Rating.
CVE-2018-6318 for the Sophos Tester Tool 2.2.0.7 for testing exploit software, hijacking
attack, and similar.
CVE-2018-19589 for the Incorrect Access Controls of the Security Officer.
CVE-2017-18362 for the management of the IT integration for the Kaseya VSA. This is a
vulnerability that is operated from the remote access and allows the attacker to access the
databases directly without any hindrance.
(6) Apart from the NHS (National Health Security USA), there are numerous organizations
that were affected by the WannaCry which includes some of the infamous companies as
well. the list of the companies are given in the section below:
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3COMPUTER SECURITY
FedEX
Nissan
Russian Railway System: The systems froze and the telecommunication units
stopped working completely.
Hitachi: The Company suffered as well but the loss was not as much.
Chinese Public Security Bureau: the Information data base of the public security
was completely sabotaged. The information were inaccessible along with
numerous other problems occurring in the systems as well (Branquinho 2018).
(7) The infamous cryptoworm, the WannaCry is one of the most widely spreading virus in
the year of 2017 compromising around a billion of computers around the world. The
virus spread rapidly resulting in the compromised system with denial of authorized
access. This has resulted in the financial loss of around $ 4 billion in the global economy.
Mostly the European and the middle-eastern countries were affected; however it was
originated from the leaked technology of the United Stated NSA’s EternalBlue
technology being hacked by the Shadow Broker attacking group. In order to prevent that
from occurring, it is necessary to undertake few steps and they are:
Staying updated all the time. The attacks were mainly observed in the Windows
system, thus new security patch levels are frequently updated such that the
systems can stay protected.
Avoid opening files and sites from the unprotected websites, as they can be the
host of the virus.
Backing up of the data is also one of the ways in which the hazard due to
WannaCry can be prevented.
FedEX
Nissan
Russian Railway System: The systems froze and the telecommunication units
stopped working completely.
Hitachi: The Company suffered as well but the loss was not as much.
Chinese Public Security Bureau: the Information data base of the public security
was completely sabotaged. The information were inaccessible along with
numerous other problems occurring in the systems as well (Branquinho 2018).
(7) The infamous cryptoworm, the WannaCry is one of the most widely spreading virus in
the year of 2017 compromising around a billion of computers around the world. The
virus spread rapidly resulting in the compromised system with denial of authorized
access. This has resulted in the financial loss of around $ 4 billion in the global economy.
Mostly the European and the middle-eastern countries were affected; however it was
originated from the leaked technology of the United Stated NSA’s EternalBlue
technology being hacked by the Shadow Broker attacking group. In order to prevent that
from occurring, it is necessary to undertake few steps and they are:
Staying updated all the time. The attacks were mainly observed in the Windows
system, thus new security patch levels are frequently updated such that the
systems can stay protected.
Avoid opening files and sites from the unprotected websites, as they can be the
host of the virus.
Backing up of the data is also one of the ways in which the hazard due to
WannaCry can be prevented.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4COMPUTER SECURITY
Configuration of the Firewalls helps in protecting the system from the accessing
the information systems of the device. It prevents the malicious files from
opening in the browsers of the system by creating a layer of protection.
Configuration of the Firewalls helps in protecting the system from the accessing
the information systems of the device. It prevents the malicious files from
opening in the browsers of the system by creating a layer of protection.
5COMPUTER SECURITY
Part B:
(1) Company Assets:
Employee assets: the employees are qualified moderately and have a good share of
knowledge in the technical field. The in house staffs of the Company have a fair amount
of excellence in the field of work. At present there are 7 software developers, 8 sales
negotiators, 8 general supports, and 17 IT experts in the technical staffs managing the IT
specific task of the company.
Information technology Assets:
o Computer Software: Software are used by every company for the development and
operations of the online websites run by the company. Not only are that, in the e-
commerce industry, the software the center of all operations, thus it is one of the
important asset of the company.
o Hardware: For the software and applications to run appropriately, the need for the
hardware is essential as well, making it one of the other important asset for the
organization.
o Internet access and Wi-Fi: Online Activities needs internet access which is provided
by the company with the help of the routers.
o Data assets: This are the information assets of the companies consisting of the
information or sensitive details of the customers or the employees of the
organization. The details consists of the transaction ids and the others as well which
plays an important role in the company.
o Web Server: The data are stored in the web servers from where they can be accessed
by the authorized entities.
Part B:
(1) Company Assets:
Employee assets: the employees are qualified moderately and have a good share of
knowledge in the technical field. The in house staffs of the Company have a fair amount
of excellence in the field of work. At present there are 7 software developers, 8 sales
negotiators, 8 general supports, and 17 IT experts in the technical staffs managing the IT
specific task of the company.
Information technology Assets:
o Computer Software: Software are used by every company for the development and
operations of the online websites run by the company. Not only are that, in the e-
commerce industry, the software the center of all operations, thus it is one of the
important asset of the company.
o Hardware: For the software and applications to run appropriately, the need for the
hardware is essential as well, making it one of the other important asset for the
organization.
o Internet access and Wi-Fi: Online Activities needs internet access which is provided
by the company with the help of the routers.
o Data assets: This are the information assets of the companies consisting of the
information or sensitive details of the customers or the employees of the
organization. The details consists of the transaction ids and the others as well which
plays an important role in the company.
o Web Server: The data are stored in the web servers from where they can be accessed
by the authorized entities.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6COMPUTER SECURITY
o Security Assets: This are the encryption process, firewalls, CCTV surveillance
systems and others followed by the company.
Financial Assets: This includes the investors, investments, and revenue assets of the
company.
Building Assets: The building assets includes the workspace, the Secured Storage space,
and other accommodation sector of the business.
Customer: The biggest asset of the organization is its customers. They have numerous
customers opting for the event management for the company and the business.
The following risk register shows the threats to the system which can affect the efficiency
of the system (Hopkin 2018)
o Security Assets: This are the encryption process, firewalls, CCTV surveillance
systems and others followed by the company.
Financial Assets: This includes the investors, investments, and revenue assets of the
company.
Building Assets: The building assets includes the workspace, the Secured Storage space,
and other accommodation sector of the business.
Customer: The biggest asset of the organization is its customers. They have numerous
customers opting for the event management for the company and the business.
The following risk register shows the threats to the system which can affect the efficiency
of the system (Hopkin 2018)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7COMPUTER SECURITY
Risk Register
Sl.
No.
Assets Threats Existing
Controls
Likelihood Consequences Level of
Risk
1 Customers The customers
may be
unsatisfied.
Well prepared
customer care
services.
Possible Reduced revenue
and profit.
High
2 Computer
Software
Viruses and
worm attacks
may occur
Firewalls are
present in the
systems. Third
party access to
the system are
present to
prevent
attacks.
Almost
Certain
Faulty services.
Service with
errors, files may
get corrupted,
spamming of the
emails and many
more.
High
3 Hardware Power failure is
one of the main
threat to the
hardware
systems as it
cannot work
efficiently
without it.
Incompatibility
is the other
threat to the
system.
Power back up
is present. The
system back
up and
updating is
performed on
a daily basis.
Likely Implementation
of the new
software becomes
difficult due to
incompatibility.
Not only that,
power failure can
result in the
delayed
performances or
halt the services
momentarily.
High
4 Data assets The data may be
stolen or altered
making the data
unavailable.
Encryption is
present, along
with other
security assets
which ensures
the security of
the system.
Almost
Certain
The data that is
stolen from the
organization can
be misused or
may be used for
the identity theft.
The details like
the bank id and
the transaction
details can be
used for the
purpose of
extracting money
by unfair means.
High
5 Internet
access and
Wi-Fi
Spoofing,
phishing and
man in the
middle attack is
prevalent in the
system.
Strong
encryption
helps in
preventing
MITM attacks
and the brute
force attacks.
The brute
force attack is
Almost
Certain
The loss of the
information
privacy, and
integrity.
High
Risk Register
Sl.
No.
Assets Threats Existing
Controls
Likelihood Consequences Level of
Risk
1 Customers The customers
may be
unsatisfied.
Well prepared
customer care
services.
Possible Reduced revenue
and profit.
High
2 Computer
Software
Viruses and
worm attacks
may occur
Firewalls are
present in the
systems. Third
party access to
the system are
present to
prevent
attacks.
Almost
Certain
Faulty services.
Service with
errors, files may
get corrupted,
spamming of the
emails and many
more.
High
3 Hardware Power failure is
one of the main
threat to the
hardware
systems as it
cannot work
efficiently
without it.
Incompatibility
is the other
threat to the
system.
Power back up
is present. The
system back
up and
updating is
performed on
a daily basis.
Likely Implementation
of the new
software becomes
difficult due to
incompatibility.
Not only that,
power failure can
result in the
delayed
performances or
halt the services
momentarily.
High
4 Data assets The data may be
stolen or altered
making the data
unavailable.
Encryption is
present, along
with other
security assets
which ensures
the security of
the system.
Almost
Certain
The data that is
stolen from the
organization can
be misused or
may be used for
the identity theft.
The details like
the bank id and
the transaction
details can be
used for the
purpose of
extracting money
by unfair means.
High
5 Internet
access and
Wi-Fi
Spoofing,
phishing and
man in the
middle attack is
prevalent in the
system.
Strong
encryption
helps in
preventing
MITM attacks
and the brute
force attacks.
The brute
force attack is
Almost
Certain
The loss of the
information
privacy, and
integrity.
High
8COMPUTER SECURITY
the technique
which can be
used by the
hackers to
guess the
passwords.
6 Webservers Distributed
Denial of
Services
Firewalls
(Satasiya
2016)
Likely The Authorized
access can be
denied, which
will affect the
entire systems
performances.
High
7 Security
Assets
The threat to the
security assets
includes the
brute force
attacks which is
used for the
guessing of the
passwords.
Encryption Almost
Certain
Guessing the
weak passwords
are easier and
thus can easily
break. The
security of the
system can be
easily
compromised.
High
8 Employee
assets
The new
Employees may
lack experience
of the new
technologies
which are being
introduced to
the system.
Employees
who are in the
organization
have adequate
knowledge in
the technical
field, they
may assist the
new
employees
with the
enhancement
of the
technological
knowledge.
Possible This may results
in in the less
productiveness in
the business. The
efficiency in the
business may be
affected which
may affect the
production and
the revenue.
Medium
9 Financial
Assets
Loss in the
revenue, failure
in finding
investors are the
greatest threats
in the financial
sectors.
No such
process is
present
Possible Poor revenue
system, lesser
investments leads
to less profits.
Medium
10 Building
Assets
This includes
the damage of
the building
assets. This may
be due to the
fire, or due to
the natural
The building
is prepared
following all
the necessary
precautions.
Unlikely Loss of the
property,
destruction of the
other assets.
Low
the technique
which can be
used by the
hackers to
guess the
passwords.
6 Webservers Distributed
Denial of
Services
Firewalls
(Satasiya
2016)
Likely The Authorized
access can be
denied, which
will affect the
entire systems
performances.
High
7 Security
Assets
The threat to the
security assets
includes the
brute force
attacks which is
used for the
guessing of the
passwords.
Encryption Almost
Certain
Guessing the
weak passwords
are easier and
thus can easily
break. The
security of the
system can be
easily
compromised.
High
8 Employee
assets
The new
Employees may
lack experience
of the new
technologies
which are being
introduced to
the system.
Employees
who are in the
organization
have adequate
knowledge in
the technical
field, they
may assist the
new
employees
with the
enhancement
of the
technological
knowledge.
Possible This may results
in in the less
productiveness in
the business. The
efficiency in the
business may be
affected which
may affect the
production and
the revenue.
Medium
9 Financial
Assets
Loss in the
revenue, failure
in finding
investors are the
greatest threats
in the financial
sectors.
No such
process is
present
Possible Poor revenue
system, lesser
investments leads
to less profits.
Medium
10 Building
Assets
This includes
the damage of
the building
assets. This may
be due to the
fire, or due to
the natural
The building
is prepared
following all
the necessary
precautions.
Unlikely Loss of the
property,
destruction of the
other assets.
Low
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9COMPUTER SECURITY
disasters as
well.
(2) From the Risk Register we identified the risks of the highest priority. Taking them into
consideration, certain changes has to be made to the Acceptable User Policies of the
Company. Apart from the existing policies, certain other policies have to be developed as
well and they are,
AUP3: Monitoring the devices that are connected to the network. All the devices that are
connected to the network has to be monitored before the network is accessed. The employees
must not connect their own devices to the company’s network. The devices that are
connected to the system were not monitored properly increasing the threats of sniffing and
spoofing in the system. The devices that are connected with the help of the passwords may
contain malicious filed which if not monitored can harm the system. This policy is to prevent
that from occurring. Monitoring the system helps in detecting the unusual activities in the
system as well which prevents all sort of malfunctioning in the system.
AUP 4: For the purpose of the company, the devices should be made compatible for the
latest technology as well. It is the duty of the Information Technology experts of the system
to ensure that the devices are up to date in the organization. This is to counter the issues of
incompatibility in the system. Incompatible devices are useless for the contemporary system
of information.
AUP 5: The Data Security and Privacy Policy must be complied with the system such that
the right to the privacy, integrity and availability of the data is maintained (Carey 2018).
According to this, the Client or the customer can access their own data on demand. The
sensitive information stored into the system may be removed on the demand or request of the
client.
disasters as
well.
(2) From the Risk Register we identified the risks of the highest priority. Taking them into
consideration, certain changes has to be made to the Acceptable User Policies of the
Company. Apart from the existing policies, certain other policies have to be developed as
well and they are,
AUP3: Monitoring the devices that are connected to the network. All the devices that are
connected to the network has to be monitored before the network is accessed. The employees
must not connect their own devices to the company’s network. The devices that are
connected to the system were not monitored properly increasing the threats of sniffing and
spoofing in the system. The devices that are connected with the help of the passwords may
contain malicious filed which if not monitored can harm the system. This policy is to prevent
that from occurring. Monitoring the system helps in detecting the unusual activities in the
system as well which prevents all sort of malfunctioning in the system.
AUP 4: For the purpose of the company, the devices should be made compatible for the
latest technology as well. It is the duty of the Information Technology experts of the system
to ensure that the devices are up to date in the organization. This is to counter the issues of
incompatibility in the system. Incompatible devices are useless for the contemporary system
of information.
AUP 5: The Data Security and Privacy Policy must be complied with the system such that
the right to the privacy, integrity and availability of the data is maintained (Carey 2018).
According to this, the Client or the customer can access their own data on demand. The
sensitive information stored into the system may be removed on the demand or request of the
client.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10COMPUTER SECURITY
AUP 6: As the company have a numerous systems that work in collaboration to establish an
IT framework, a common set of security is not enough for the company. For each and every
application in use, the security framework has to be specified. This enhances the protection
of the data assets and the other crucial assets for the organization (Rosenfeld, Torous and
Vahia 2017).
AUP 7: The employees working for the organization must not leave the system logged in and
unattended at the same time. This is to prevent any other entity of the organization to access
the system and make alterations.
AUP 8: Accessing own devices in the Company must be banned. This way the network can
be protected from the attacks of the malwares which again poses threat to the information
system of the business. If BYOD has to be practiced in the organization, proper monitoring
should be done in order to prevent un-sanctioned activities.
AUP 6: As the company have a numerous systems that work in collaboration to establish an
IT framework, a common set of security is not enough for the company. For each and every
application in use, the security framework has to be specified. This enhances the protection
of the data assets and the other crucial assets for the organization (Rosenfeld, Torous and
Vahia 2017).
AUP 7: The employees working for the organization must not leave the system logged in and
unattended at the same time. This is to prevent any other entity of the organization to access
the system and make alterations.
AUP 8: Accessing own devices in the Company must be banned. This way the network can
be protected from the attacks of the malwares which again poses threat to the information
system of the business. If BYOD has to be practiced in the organization, proper monitoring
should be done in order to prevent un-sanctioned activities.
11COMPUTER SECURITY
Risk Matrix:
Likelihood
ALMOST CERTAIN 7, 5,4.2
LIKELY 6,3
POSSIBLE 9, 8 1
UNLIKELY /LOW 10
LOW MEDIUM HIGH
Priority
Risk Matrix:
Likelihood
ALMOST CERTAIN 7, 5,4.2
LIKELY 6,3
POSSIBLE 9, 8 1
UNLIKELY /LOW 10
LOW MEDIUM HIGH
Priority
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.