Desert Sands Case Study
School: University of Wisconsin, Stout
Course: 6035
Subject: Information Systems
Date: Feb 20, 2024
Uploaded by KidArt9882
• How did this compromise occur? Given the resources of Iran, if this vulnerability had been fixed, do you think this would have prevented the threat actors from succeeding?
• From what is known, a group of “hacktivists” were able to find an open test web server from which they gathered credentials using the open-source tool Mimikatz. From mining credentials, the hacktivists were able to find a high-profile account from which they were able to pivot into production environments. I think Iran would still be able to carry out an attack on the casino despite this vulnerability being fixed. They first attempted to hack into the VPN, but after failing they moved on to this web server. Had the web server been patched, the hacktivists would’ve moved on to the next attack vector until they found a successful way in.
• When working through an incident (especially in a private organization), you have to weigh the risk that when working with law enforcement the incident might become public and cause reputational harm. Would you work with law enforcement on an incident such as Desert Sands? Why or why not?
• Yes. I think due to the international nature of the attack, working with law enforcement is a must. Here the company’s reputation is already under some scrutiny because of the comments made that started the whole incident, so I don’t think working with law enforcement will deteriorate that further. Again, I think purely because of the international nature of this attack it warrants working with law enforcement.
• The threat actor in Desert Sands was a nation state entity. How does an organization best prepare for attacks from nation states with vastly more resources than the organization? Is this even worthwhile? How could this strategy change if your organization has a presence in a possible malicious nation?
• So one thing that an organization can do is completely segment their network as much as possible, meaning that there essentially exists a mini organization in that nation, so there is a separate IT team, legal, HR, etc. Some organizations do this already when working in countries with special data laws such as China or South Korea. Other than total segmentation of the network, I don’t think there is much more an organization can do to protect against an entire nation state.