Exploring the security ecosystem of a cyber incident


At this point, we have explored how individual computers are systems of hardware and software that work in concert to implement a von Neumann architecture. We have also explored the networking technologies that allow these individual computers to be linked together to form large information systems. We have even quickly examined the technologies that have allowed companies to build cloud systems out of these networked computers. In this assignment, you are asked to identify a cyber security incident and explain the various hardware, software, networking and human aspects of the incident.

Objectives

Identify emerging threats to information security and develop effective approaches to addressing those threats.

Assignments

First, choose a serious cyber incident that impacted an information system. The “cyber incident” can be any event reported in the news that involved networked systems and was caused by an individual or an organization, either intentionally or unintentionally, with substantial consequences that created harm, costs, or substantial inconvenience to other people. For the event to be considered substantial, the incident need not affect large numbers of people — there could, for example, be small effects on many people, or large effects on a few people. You might find such incidents in the news, or from Risks Digest, or from Wikipedia, or from various places on the Web that a search for “cyber incident” or “cyberattack” turns up (e.g., CSIS). Note, however, that not everything in Risks Digest is a cyber incident (as that term has been defined here) — much of what is there is commentary on the consequences of bad design.

Next, write a brief (2-page, single-spaced, normal font) analysis of the incident.
Your analysis should address at least the following issues:

– The causes and progression of the incident.
– Technical aspects of networked systems that contributed to the incident (e.g., what aspects of systems, networks, or networked systems made this incident possible). If the attack was network-based, make sure to use either the TCP/IP model or the OSI model.
– Aspects of human behavior and human limitations that contributed to the incident (e.g., what is it about people that made this incident possible).
– Interventions that were actually taken to address the immediate problem.
– The attack’s outcome. This should be explained in such a way that the “substantial consequences” are made clear.
– Changes that would be needed (in technical aspects, in human behavior, or otherwise) to prevent similar incidents in the future.

You will likely need to draw on multiple sources to have the best understanding of the incident on which you will report, but you may not find answers to all of these questions online. This assignment is designed to call for some original thinking on your part.

Academic Integrity

Your submission will be processed by Turnitin to check for plagiarism. Indications of plagiarism (including lack of citations for sources) will result in a referral to Student Conduct.

How To Submit

Upload a Microsoft Word document (.doc or .docx) or an Adobe PDF (.pdf) file.

Your submission must include your name.

The limitation to two pages is strict; longer submissions, or submissions using font sizes smaller than 11 point, will receive a penalty. Shorter submissions will likely lack the depth required to adequately explain the incident. Use a citation style like APA or MLA to cite your sources. The works cited list is not included in the page count.

Rubric

HW3: Security Incident Analysis Rubric

Describes technical aspects of the incident. Answers questions like, but not limited to:

– What technical aspect of the system was exploited?
– What design features made the system vulnerable?