Threat actors

School: Centennial College
Course: 221
Subject: Information Systems
Date: Dec 6, 2023

MD KOHINOOR ISLAM 300630823

Denmark Breach Analysis

Threat actors, possibly including nation-state actors such as Russia's Sandworm operation, exploited several vulnerabilities in Zyxel firewalls to launch cyberattacks against crucial Danish infrastructure in May 2023. The attacks targeted 22 energy organizations and prompted several of them to go into island mode and cut off their internet connections. Weaknesses in the Zyxel firewalls allowed the attackers to take complete control of the devices without authenticating. In certain instances, the attackers used zero-day vulnerabilities that had not been made public. The attacks were unprecedented and severely damaged the targeted organizations, causing operational difficulties.

The analysis of what went wrong in this scenario can be summarized as follows:

• The Zyxel firewalls were left open to exploitation because organizations neglected to install the available security fixes. This resulted from intentional opt-outs owing to expenses, misunderstandings over who is responsible for upgrades, and ignorance of the existence of these devices in their networks.
• Since Zyxel devices weren't visible on public scanning services, it was difficult for organizations and for security experts to detect potential vulnerabilities.
• The attacks revealed basic weaknesses in the vital infrastructure, such as the lack of network segmentation. Because of this lack of segmentation, the attackers were able to move laterally and traverse the networks more easily once they had breached the perimeter and obtained initial access.

As a Network Security admin, the remediation and mitigation efforts would involve the following steps:

• Make sure software updates are distributed and applied to fix mistakes, sometimes referred to as vulnerabilities or bugs.
• Conduct regular vulnerability assessments, that is, the process of identifying, quantifying, and prioritizing vulnerabilities in a system.
• Give staff regular security awareness training to keep them informed about the newest cyber threats and the best ways to keep a secure network environment.
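
The gaps listed above (missing fixes, update opt-outs, unclear ownership, unknown devices, no segmentation) can be checked against an asset inventory as part of a vulnerability assessment. The following Python example is added here and is not part of the original report; the device records, model name, fixed-firmware version, scoring weights and addresses are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed placeholder: lowest firmware version carrying the vendor fix, per model.
MIN_FIXED = {"fw-model-a": (5, 36, 2)}

@dataclass
class Device:
    ip: str
    model: str
    firmware: str            # dotted version string, e.g. "5.35.0"
    owner: Optional[str]     # team responsible for updates, None if unclear
    updates_opted_out: bool  # patching declined, e.g. for cost reasons
    segment: str             # network segment the device sits in

def parse_version(v):
    return tuple(int(part) for part in v.split("."))

def assess(inventory, discovered_ips, ot_segments):
    """Return (score, ip, reasons) findings, highest priority first."""
    known = {d.ip for d in inventory}
    # Devices seen on the network that nobody has recorded in the inventory.
    findings = [(3, ip, ["not in inventory"])
                for ip in set(discovered_ips) - known]
    for d in inventory:
        fixed = MIN_FIXED.get(d.model)
        # (condition, reason, weight); the weights are illustrative assumptions.
        checks = [
            (fixed is not None and parse_version(d.firmware) < fixed,
             "firmware below fixed version", 3),
            (d.updates_opted_out, "updates opted out", 2),
            (d.owner is None, "no owner for updates", 1),
            (d.segment in ot_segments, "shares segment with OT assets", 2),
        ]
        hits = [(reason, weight) for cond, reason, weight in checks if cond]
        if hits:
            findings.append((sum(w for _, w in hits), d.ip, [r for r, _ in hits]))
    return sorted(findings, key=lambda f: (-f[0], f[1]))

# Constructed sample data (documentation address range 192.0.2.0/24).
INVENTORY = [
    Device("192.0.2.10", "fw-model-a", "5.35.0", None, True, "ot-flat"),
    Device("192.0.2.11", "fw-model-a", "5.36.2", "netops", False, "dmz"),
    Device("192.0.2.12", "fw-model-a", "5.36.1", "netops", False, "dmz"),
]
DISCOVERED = ["192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.99"]

if __name__ == "__main__":
    for score, ip, reasons in assess(INVENTORY, DISCOVERED, {"ot-flat"}):
        print(score, ip, "; ".join(reasons))
```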
Architectural design using

References

• Dark Reading: "Danish Energy Attacks Portend Targeting of More Critical Infrastructure". https://www.darkreading.com/ics-ot/danish-energy-attacks-portend-targeting-more-critical-infrastructure
• The Record: "Danish Energy Companies Hacked via Firewall Bug". https://therecord.media/danish-energy-companies-hacked-firewall-bug
• The Hacker News: "Russian Hackers Launch Largest-Ever Cyberattack on Danish Critical Infrastructure". https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html?m=1
• SecurityWeek: "22 Energy Firms Hacked in Largest Coordinated Attack on Denmark's Critical Infrastructure". https://www.securityweek.com/22-energy-firms-hacked-in-largest-coordinated-attack-on-denmarks-critical-infrastructure/