IT 223 – Case Study Homework
School: Northern Virginia Community College
Subject: Information Systems
Date: Apr 3, 2024
Uploaded by msa2912

Question 1: How could the banks mentioned in this case have mitigated or prevented the thefts?

The case doesn't delve into the specific hacking methods employed, but referencing the Critical Security Controls (CSCs) list published by The Center for Internet Security can provide valuable insights. Among the 20 CSCs, four key measures stand out as potential preventative actions the banks could have taken. CSC 1 and CSC 2 involve maintaining an inventory of all devices and software on the network and ensuring they are properly configured and patched to mitigate known vulnerabilities. Once this baseline is established for network devices, including databases, the next logical step is CSC 4, which focuses on Continuous Vulnerability Assessment and Remediation. Regularly reviewing and testing the network is essential to ensure that security patches and configurations are up to date. Additionally, since the case highlights malware as the most common type of attack, CSC 8, which deals with Malware Defenses, would have been crucial in preventing the theft.

Question 2: How would smart cards be safer than magnetic swipe cards? Why?

Smart cards offer enhanced security compared to magnetic swipe cards due to their inherent design. Magnetic swipe cards are susceptible to card reader devices called skimmers, which can easily record card information and create counterfeit cards at a low cost. Consequently, many banks have transitioned to smart cards for debit/credit transactions. According to Rodgers, who cites Johnson's explanation, smart cards are safer primarily because of the embedded chip. The chip significantly reduces the risk of counterfeiting by generating a unique numerical code known as a cryptogram, which allows financial institutions to verify the authenticity of the card during transactions. This added layer of security makes smart cards much more resistant to fraudulent activities.

Question 3: Why would this type of distributed bank theft be faster and incur larger losses than a traditional strong-arm bank robbery?

The swiftness and substantial losses associated with this distributed bank theft can be attributed to several factors. This operation was highly concentrated and well-coordinated on a global scale, facilitated by the fact that the initial data breach was not reported or mitigated. Criminal operatives across 26 countries simultaneously targeted ATMs worldwide in two 24-hour periods. Assuming an average of half a dozen individuals in each country participating, it points to a substantial and organized crime network. In contrast, a traditional strong-arm bank robbery often struggles to empty a bank vault entirely and typically has limited time to access cash drawers.

Question 4: Are cybercrime efforts becoming more targeted? Why?

According to Carbon Black's 2019 annual report, cybercrime efforts are indeed becoming more targeted. The report highlights that the top five industries targeted by cyberattacks in 2018 included Computers/Electronics, Healthcare, Business Services, Internet/Software, and
Manufacturing. This data aligns with other reports indicating a growing trend in targeted cyberattacks. Carbon Black also notes a specific trend in ransomware attacks, where servers in Russia often test Remote Desktop Protocol (RDP) connections to compromised systems. These compromised systems are then sold to hackers in different countries, leading to targeted attacks against specific industries. This suggests that cybercriminals are increasingly focusing their efforts on particular sectors, potentially because they perceive greater financial rewards or vulnerabilities in those industries.

Question 5: Why are organizations hesitant to report losses related to cybercrime?

Organizations often hesitate to report losses related to cybercrime primarily due to concerns about negative publicity and its financial repercussions. Negative publicity can significantly harm an organization's reputation and erode customer confidence, leading to decreased revenue and potential stock price declines. For instance, recent negative publicity surrounding Facebook led to a substantial drop in its stock value. Facebook's stock, with 2.4 billion shares in circulation, lost billions of dollars in market capitalization within a week. Protecting stock prices and maintaining customer trust are paramount for CEOs and company leadership. Additionally, as Wolff (2018) argues, embarrassment plays a significant role in organizations' reluctance to report cybercrime incidents. Organizations may feel embarrassed about falling victim to cyberattacks, potentially leading to a perception of weakness. Moreover, there might be skepticism about law enforcement's ability to provide effective assistance in solving cybercrimes, further discouraging reporting.

Question 6: Why are malicious insiders a focus of security experts?

Security experts prioritize addressing malicious insiders because these individuals pose a significant threat to an organization's cybersecurity. Malicious insiders have legitimate access to systems and sensitive data, making it easier for them to exploit vulnerabilities, steal information, or sabotage systems. Their intimate knowledge of security procedures and potential gaps in the security program makes them particularly dangerous. For instance, a malicious insider may be aware of an employee who regularly takes home a laptop containing highly sensitive data, making them a prime target for cybercriminals. A prominent example is the Department of Veterans Affairs, which had to settle a $20 million lawsuit after an employee's laptop, containing service records for over 26 million soldiers, was stolen. This case demonstrates the catastrophic consequences that can result from malicious insider actions. In conclusion, malicious insiders represent a critical focus for security experts due to their ability to exploit vulnerabilities from within, potentially causing significant financial and reputational damage to organizations.

How many ports are there on a computer?

There are 65,535 ports on a computer, numbered from 0 to 65,535.

What programs (services) run over each port?

Different programs or services can run over various ports. Common examples include:

- Port 80: HTTP (web browsing)
- Port 443: HTTPS (secure web browsing)
- Port 25: SMTP (email sending)
- Port 22: SSH (secure shell)
- Port 21: FTP (file transfer)
- Port 80: Telnet (remote login)
- Port 53: DNS (domain name system)

Can hackers use ports to spread malware? How?

Yes, hackers can use open ports to spread malware. They can exploit vulnerabilities in open ports to gain unauthorized access to a computer or network. Once inside, they can upload and execute malicious code, plant malware, or establish a backdoor for remote control. Properly configuring firewalls, intrusion detection systems, and regularly patching and updating software can help prevent such attacks.

How do you close ports that may already be open?

Ports can be closed by configuring firewall rules or security settings. This typically involves using firewall software or hardware to block traffic on specific ports or configuring the system to stop listening on those ports. The exact steps to close ports depend on the operating system and firewall software in use.

How much time does your employer give you to read about current events related to your job?

The amount of time an employer allows for reading about current events related to one's job can vary significantly depending on company policies and job roles. Some employers may encourage employees to stay updated regularly, while others may allocate specific time or resources for professional development and staying informed.

How does reading current news articles help IT security professionals in their daily jobs?

Reading current news articles helps IT security professionals stay informed about emerging threats, vulnerabilities, and cybersecurity trends. It allows them to:

- Identify new attack techniques and tactics used by cybercriminals.
- Learn about recent security breaches and their implications.
- Stay updated on software vulnerabilities and patches.
- Understand regulatory changes and compliance requirements.
- Adapt their security strategies and practices to address evolving threats and challenges.
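
Relating to the earlier answer on closing ports that may already be open: before a port can be closed, it has to be found and compared with what is supposed to be running, which is the inventory baseline that CSC 1 and CSC 2 call for. The following is an added example, not part of the original homework; it parses text in the Linux /proc/net/tcp format and sorts listeners into approved, loopback-only, and exposed. The sample data, the baseline of port 22, and the function names are constructed for illustration.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp format (Linux); not captured from a real host.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1
   1: 0100007F:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003 1
   3: 0A00000A:0016 0A000014:C350 01 00000000:00000000 00:00000000 00000000     0        0 20004 1
"""

TCP_LISTEN = 0x0A  # socket state code for LISTEN in /proc/net/tcp


def listening_sockets(proc_net_tcp_text):
    """Return (ip, port) pairs for IPv4 sockets in LISTEN state, sorted by port."""
    found = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_LISTEN:
            continue  # established or closing connections are not listeners
        ip_hex, port_hex = fields[1].split(":")
        # The address is printed as a native-endian 32-bit word (little-endian on x86).
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        found.append((ip, int(port_hex, 16)))
    return sorted(found, key=lambda s: (s[1], s[0]))


def audit(proc_net_tcp_text, approved_ports):
    """Split listeners into approved, unapproved loopback-only, and unapproved exposed."""
    report = {"approved": [], "local_only": [], "exposed": []}
    for ip, port in listening_sockets(proc_net_tcp_text):
        if port in approved_ports:
            report["approved"].append((ip, port))
        elif ip.startswith("127."):
            report["local_only"].append((ip, port))  # not reachable from the network
        else:
            report["exposed"].append((ip, port))  # candidate to stop or firewall
    return report


if __name__ == "__main__":
    # Hypothetical baseline: only SSH (22) is meant to be listening on this host.
    for category, sockets in audit(SAMPLE_PROC_NET_TCP, {22}).items():
        print(category, sockets)
```

Anything reported as exposed is a listener to stop at the service level or block at the firewall, as the answer describes; on a live Linux host the same functions can be fed the contents of /proc/net/tcp.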