Discussion Activity 2
The second security news article is about changes in the threat landscape. Rather than using a video to
outline the topic, I have prepared a brief post about what I have seen as a security professional over the
years.
Over the last decade, Information Security professionals have observed significant changes in the threat landscape. We have seen a shift from hacking for fun to hacking for profit or for a cause. Our typical adversaries are no longer script-kiddie teenagers in their parents' basement, but rather sophisticated hacktivists, nation-state actors, military forces and terrorist organizations. Former FBI Director Robert Mueller summarized it best during a 2012 press conference on cybercrime, stating that "There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again" (Cowley). It is not a matter of if you will be hacked; it is just a matter of when.
In recent years, we have seen some high-profile breaches against large organizations such as Yahoo, the DNC, Sony, JP Morgan, Target, Home Depot, Adobe, and eBay (just to name a few). That is not to mention possibly the greatest bank heist in history, in which hackers stole upwards of $1B from 100 banks across 30 countries (Krebs). This, of course, is only the tip of the iceberg, as many companies, especially those that are privately held, opt not to disclose such incidents for fear of negative press. As Information Security professionals, we have begun to observe trends in how the majority of these attacks originate and, furthermore, how they are executed and not identified until after the hackers have completed their mission. Whether it is a small credit union or a Fortune 500 company, if your company holds information that hackers find valuable, it is fair to assume that your organization will be attacked sooner rather than later. More importantly, you personally could be a target.
Should a hacker identify you as a possible user who has access to such valuable information, you become their primary target. This means that they begin doing reconnaissance work about who you are, who you work with (managers, colleagues, direct reports, etc.), who you are affiliated with, what your hobbies are, where you live, etc. Their typical source for all of this information, you might ask? You guessed it: social media (LinkedIn, Facebook, Twitter, etc.). They will then take this information and craft what are referred to as spearphishing emails. These differ from traditional phishing emails; phishing emails are generic emails sent en masse to hundreds (if not thousands) of recipients that contain links to attempt to steal your cookies/sessions/credentials or attachments to install malware. Spearphishing emails are specifically designed to trick you [personally] into clicking the link or opening the attachment. For example: if your social media profiles indicate that you are heavily involved in a not-for-profit organization in New York City, a hacker might send you an email that appears to be coming from that not-for-profit group, asking you to open a PDF document or perhaps click on a link to confirm a donation. The likelihood of you taking one of those actions is high, as you have some sort of emotional connection to that organization/cause.
So you clicked the link or opened the attachment, but nothing happened; that is exactly what the hackers want you to think. Although you may not have noticed anything happen, by clicking the malicious attachment or link, a remote access tool (RAT) could have been installed on your machine in the background. RATs allow hackers to monitor keystrokes, log in remotely or watch your screen. From there, hackers perform what we refer to as "lateral attacks". Lateral attacks differ from traditional "drive-by" attacks; drive-by attacks are similar to a "smash and grab" robbery in which the attackers quickly steal and leave. Lateral attacks are slow, painful, and almost always under the radar. Hackers gain access to the network and slowly elevate their access across different systems, databases, resources, etc. until they ultimately find what they were looking for. This movement allows hackers to perform reconnaissance work on the entire network, while also allowing them to maximize their "winnings" (e.g., the amount/kind of data they steal). When it comes time to extract the data from the network, they don't simply dump all of the data at once; most network monitoring tools would catch such bursts of activity. Instead, they slowly trickle the data out of your network, sometimes bytes at a time, just slowly enough not to raise any red flags. It is important to note that hackers have become very patient. Lateral attacks can occur over a few days, months, or in some cases, years.
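The paragraph above notes that a burst alarm catches a one-time data dump but misses a slow trickle. The following added example (not part of the original post) illustrates why, by running two detectors over constructed outbound flow records: a short-bin burst monitor and a long-window per-host-per-destination aggregate. Host names, IP addresses, thresholds and volumes are all constructed for the sample.

```python
"""Burst vs. low-and-slow exfiltration detection over constructed flow records.

Added example; the flow records below are constructed to resemble outbound
NetFlow-style summaries: (epoch_seconds, src_host, dst_ip, bytes).
Thresholds are assumptions chosen to fit the sample data.
"""
from collections import defaultdict

# Constructed sample data: one host dumps 40 MB in a single burst; another
# trickles 200 KB every 5 minutes to the same external IP for 24 hours.
FLOWS = [(0, "ws-finance-01", "203.0.113.10", 40_000_000)]        # burst dump
for i in range(288):                                                # 24 h of 5-min intervals
    FLOWS.append((i * 300, "ws-hr-07", "203.0.113.10", 200_000))    # slow trickle
for i in range(24):                                                 # benign background traffic
    FLOWS.append((i * 3600, "ws-dev-03", "198.51.100.5", 50_000))

BURST_BIN_SECONDS = 300              # 5-minute bins, typical for burst alarms
BURST_THRESHOLD_BYTES = 10_000_000   # 10 MB in one bin trips the burst alarm
DAILY_THRESHOLD_BYTES = 20_000_000   # 20 MB per host per destination per day


def _aggregate_alerts(flows, window_seconds, threshold):
    """Sum bytes per (host, dst, window) and return (host, dst) pairs over threshold."""
    totals = defaultdict(int)
    for ts, src, dst, nbytes in flows:
        totals[(src, dst, ts // window_seconds)] += nbytes
    return sorted({(src, dst) for (src, dst, _), total in totals.items() if total > threshold})


def burst_alerts(flows):
    """Classic threshold monitor: short time bins catch the 40 MB dump only."""
    return _aggregate_alerts(flows, BURST_BIN_SECONDS, BURST_THRESHOLD_BYTES)


def slow_exfil_alerts(flows):
    """Long-window aggregate: the 57.6 MB/day trickle exceeds the daily threshold."""
    return _aggregate_alerts(flows, 86_400, DAILY_THRESHOLD_BYTES)


def trickle_only(flows):
    """Hosts flagged by the daily aggregate but invisible to the burst monitor."""
    return sorted(set(slow_exfil_alerts(flows)) - set(burst_alerts(flows)))


if __name__ == "__main__":
    print("burst alerts:      ", burst_alerts(FLOWS))
    print("slow exfil alerts: ", slow_exfil_alerts(FLOWS))
    print("missed by burst:   ", trickle_only(FLOWS))
```

In production the daily threshold would be derived from each host's own historical baseline rather than a fixed constant, but the structural point is the same: the aggregation window has to be long enough to make the trickle visible.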
What should firms be doing to further protect themselves? As Information Security professionals, we know that there is no such thing as a "magical black box" that makes a firm 100% secure; any firm that tells you otherwise is lying. The only way to ever become 100% secure is to unplug or disconnect all of your devices from the Internet. However, since most companies cannot afford to take such drastic action, we must rely on technology to not only detect but also prevent malicious activity from occurring in our organizations.
Instructions
For this Discussion Activity, please identify a piece of [newer] security technology and write 2-3 paragraphs about it. APA format (single spacing is allowable) should be followed, including the use of in-text citations. This initial posting should be completed no later than Friday of the week that it is due. This Friday deadline will allow other students to review your comments and then respond to at least one other student's comment by the listed due date.
Some topics to discuss in your response could include: (a) what types of attacks it can help detect/prevent; (b) how it would be implemented in an organization; (c) advantages compared to competitors. To best benefit the group, do not simply write "anti-virus," but provide us with a brand or manufacturer that you have done some research on. Such a discussion should allow for knowledge sharing of different products; perhaps others in this class could look at implementing these solutions in their organizations. Also note that these security technologies do not need to be related to information security; physical security is just as important. It can be a piece of software, an appliance/hardware, a SaaS solution, etc. Feel free to think outside the box. I look forward to reading your responses.
WWW Resources
Cyber Security Tools & Techniques – Cross Domain Solutions
Mission critical data in military operations are always under threat hence Cyber security tools & techniques ought to be in place 24/7. Cross Domain Solution …
Cybercriminals will gravitate to criminal activity that maximizes their profit
June 28, 2018 – McAfee released its McAfee Labs Threats Report: June 2018, examining the growth and trends of new malware, ransomware, and other threats in Q1 2018 …
Cyber Security Considerations and Techniques – Sandvine
Cyber Security Threat Mitigation Techniques …. 8 … bandwidth, connected devices, and affordable attack tools that allow them to launch ever-more complex and …
Cybersecurity: Strategies and Techniques – IPCopper
Cybersecurity is reactionary and most equipment relies on known signatures for detection. The winning strategies employ packet capture for network …
Tactics, Techniques and Procedures (TTPs) Within Cyber Threat …
Jan 19, 2017 – "Tactics" is also sometimes called "tools" in the acronym. … starting to hear about within cyber security teams but few know and understand how …
References:
Cowley, Stacy. "FBI Director Says Cybercrime Will Eclipse Terrorism." CNN. CNN, 2 Mar. 2012. Web. 29 Mar. 2015. http://money.cnn.com/2012/03/02/technology/fbi_cybersecurity/
Krebs, Brian. "The Great Bank Heist, or Death by 1,000 Cuts?" Krebs on Security, 15 Feb. 2015. Web. 29 Mar. 2015. http://krebsonsecurity.com/2015/02/the-great-bank-heist-or-death-by-1000-cuts/
RUBRIC DETAILS
IST-456 MPS Discussion Activity Rubric 2
Criteria / Ratings / Pts
1. Identified topic of relevance to Security News and did an excellent job of explaining relevance.
   Ratings: Full Marks (25.0 pts); No Marks (0.0 pts). Pts: 25.0
2. Provided one or more references (properly formatted) to other sources of information relevant to the topic along with a brief explanation of the usefulness of the source.
   Ratings: Full Marks (5.0 pts); No Marks (0.0 pts).