cyber attacks paper

Research a recent cyber-attack and using the Attack Case Study outlined in our text In Section 2.3.3 write a paper detailing the attack. Minimum length 600 words not counting cover page and reference page.case study information attached
case_study_2.3.3.docx

Unformatted Attachment Preview

Don't use plagiarized sources. Get Your Custom Essay on
cyber attacks paper
Just from $13/Page
Order Essay

1.
Attack scenarios: These study possible attacks. While a scenario doesn’t need to describe an attack that has actually occurred, it should
be based on facts. For example, it can adapt a previously reported attack to use different resources or affect different assets. The
scenario doesn’t identify relevant threat agents; it focuses on goals and resources instead.
2.
Attack case studies: These review actual attacks, both successes and failures. A case study always includes an attack scenario.
Additional sections identify the threat agent responsible for the attack, and they assess the effectiveness of preattack risk management
activities.
Be sure to use authoritative sources when writing a scenario or case study. Section 1.3.1 discussed different sources
of technical information to be used in threat agent profiling. The same recommendations apply to attack studies:
primary sources are best, but other authoritative sources may be used if they are trustworthy.
As with threat agents, attacks often affect non-cyber resources. We can use these techniques to study noncyberattacks as well as cyberattacks.
ATTACK SCENARIO
An attack scenario describes an attack that is theoretically possible and that may or may not have happened. In this
text, attack scenarios contain specific information in a specific format:
• Goals—a few sentences describing the goals of the attack. The goals should match goals associated with recognized threat agents.
• Resources required:
• Skills and/or training—special skills required for the attack
• Personnel—number and types of people required for the attack
• Equipment—special equipment required for the attack
• Preparation time—amount of lead time required to set up the attack
• Timing constraint—is the attack tied to a particular schedule or event?
• How it happens—describe how the attack takes place
• Collateral results—attack results in addition to the goals noted above
• Recommended mitigation—basic steps that could prevent the attack. Certain acts or omissions make the attack feasible; this identifies
such things.
• References—authoritative sources supporting the scenario description
We can identify likely attacks using a well-written scenario. The goals and resources help identify threat agents who
have the means and motive to perform the attack. The recommended mitigation identifies conditions that could
prevent the attack.
ATTACK CASE STUDY
An attack case study builds on an attack scenario to describe an actual attack. The case study reviews the attack as
an effort by the identified perpetrator: the threat agent. We assess the attack’s success or failure based on the threat
agent’s motivation. We also assess how risk management efforts prior to the attack affected its outcome. The case
study follows this format:
• Overview—a paragraph that summarizes the attack, including what happened, when it happened, and the degree to which the attack
succeeded.
• Perpetrator—brief description of the threat agent who performed the attack. This does not need to be a complete profile. The attack
scenario’s details fill in many details about the agent’s resources and motivation.
• Attack scenario—description of the attack as it took place, using the scenario format. Omit the “References” section from the scenario;
combine scenario references with the others at the end of this case study.
• Risk management—description of how preattack risk management activities affected the attack’s outcome. Identify these effects using
the steps of the risk management framework (Section 1.1.2).
• References—a list of authoritative references used in the attack scenario and in other sections of the case study.
STUDYING AN ATTACK: THE MORRIS WORM
To illustrate the elements of an attack scenario and case study, we will look at how the Morris worm fits into this
format. We will not repeat the worm’s details except to show where the details fit into these studies.
Attack Scenario
• Goals:
1. Create a unique entity that exploits properties of the experimental Internet and typical computer systems attached to it.
2. Exert limited control over lots of other computers.
3.
Gain fame for creating a new and interesting technical artifact.
• Resources required:
• Skills and/or training:
1. Can write programs that manage network connections and start programs on remote computers.
2. Knowledge of common operating system vulnerabilities that may be exploited via network connections.
• Preparation time: This is hard to estimate. The agent was clearly a skilled programmer. Detailed descriptions of the worm suggest a
relatively small program on the order of 2,000 lines of code. This would take months to write.
• Personnel: At least one person with the necessary skills and access to the necessary equipment.
• Equipment: The agent required computer equipment that is connected to the Internet. To disguise the fact that the worm originated at
Cornell, the agent installed the worm software at MIT and started it from there.
• Timing constraints:
1.
The worm used vulnerabilities to propagate between computers, and Internet security experts were pressuring their sites to patch
these flaws.
2.
The agent had access to the appropriate equipment because of his status at Cornell. He had to release the worm while he retained this
status.
• How it happens: The agent developed the worm at Cornell University, but released it from MIT. The worm propagated by searching for
computers on its network, and scanning each computer found for vulnerabilities. If a computer had a vulnerability the worm could
exploit, then the worm used that vulnerability to penetrate that computer. Once established, the worm repeated its search for other
computers to attack.
• Collateral results: A flaw in the worm software allowed it to propagate out of control. This caused denial of service on most infected
computers. Propagation was so aggressive that site administrators had to isolate computers from one another while removing the virus.
If reconnected prematurely, the virus would continue to propagate.
• Recommended mitigation: The attack arose because the early Internet used very few security measures, and the measures that did exist
were unused or prone to failure. We can summarize the mitigations as follows:
1. Close all known security holes in Internet-connected systems.
2. Create a central repository for known vulnerabilities so that sites may correct them; this became CERT.
3. Restrict Internet traffic flow to reduce the risk to vulnerable machines; this led to traffic filtering by Internet gateways, which we
now call firewalls.
4. Keep logs on Internet-connected systems to help detect and analyze attacks.
• References: They appear at the end of the case study outline given next.
Attack Case Study
• Overview: Explains where and when the attack occurred, and how it affected the early Internet.
• Perpetrator: Robert T. Morris was a graduate student in computer science at Cornell University. His claimed motive was to perform
experiments on the Internet and not to cause disruption. At the time, however, there was a distinctive community of computer
enthusiasts who enjoyed manipulating computer systems and occasionally disrupted their operations.
• Attack scenario: See above.
• Risk management:
• 1. Categorize: There was no systematic process to assess security requirements for Internet hosts or sites. The U.S. government had
promoted early networking and had insisted that computers restrict access to authorized users. Many sites complied with this
requirement. The government had also mandated that high-security computers keep logs of significant events. Internet-connected
hosts were rarely considered to require high security. There was no requirement to monitor software for vulnerabilities or to patch
known software flaws.
• 2. Select security controls:
• Many sites chose user authentication with passwords to restrict access to authorized users. There were no restrictions on password
selection. The worm exploited poor password selection to penetrate computers.
• Sites were not obliged to close known security holes in their computers or to patch known flaws in their software. The worm
exploited known vulnerabilities, like the “finger” buffer overflow.
• A few sites chose to log significant events on their computers.
• 3. Monitor security controls: This step had a positive effect on efforts to counteract the worm.
• References: This includes references relevant to the attack scenario. The second and third articles were written by security experts who
dealt directly with the worm and its recovery.
Peter Denning, “The Internet Worm,” from Computers Under Attack, New York: ACM Press, 1990.
Jon Rochlis and Mark Eichin, “With Microscope and Tweezers,” from Computers Under Attack, New York: ACM
Press, 1990.
Eugene Spafford, “Crisis and Aftermath,” from Computers Under Attack, New York: ACM Press, 1990.
The “Risk Management” section omits Steps 3, 4, and 5 from the case study. Step 3, implementation, is essentially
redundant with Step 2, since the selected controls existed in the computers and simply needed to be activated. Step
4, assessment, only takes place if there are explicit security requirements to validate. Internet sites at that time
considered security requirements only in the most general manner. A site might require users to log in and be
authenticated, but sites rarely tested the mechanism. They assumed the operating system developers had already
tested it. Step 5, authorization, rarely took place: if the system could connect to the Internet, it was implicitly
authorized to connect. The Internet’s decentralized nature prevented authorities from restricting access or exercising
oversight.

Purchase answer to see full
attachment

GradeAcers
Calculate your paper price
Pages (550 words)
Approximate price: -

Why Work with Us

Top Quality and Well-Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

Professional and Experienced Academic Writers

We have a team of professional writers with experience in academic and business writing. Many are native speakers and able to perform any task for which you need help.

Free Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account or by contacting our support.

Prompt Delivery and 100% Money-Back-Guarantee

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. In case you cannot provide us with more time, a 100% refund is guaranteed.

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text. We also promise maximum confidentiality in all of our services.

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

No need to work on your paper at night. Sleep tight, we will cover your back. We offer all kinds of writing services.

Essays

Essay Writing Service

No matter what kind of academic paper you need and how urgent you need it, you are welcome to choose your academic level and the type of your paper at an affordable price. We take care of all your paper needs and give a 24/7 customer care support system.

Admissions

Admission Essays & Business Writing Help

An admission essay is an essay or other written statement by a candidate, often a potential student enrolling in a college, university, or graduate school. You can be rest assurred that through our service we will write the best admission essay for you.

Reviews

Editing Support

Our academic writers and editors make the necessary changes to your paper so that it is polished. We also format your document by correctly quoting the sources and creating reference lists in the formats APA, Harvard, MLA, Chicago / Turabian.

Reviews

Revision Support

If you think your paper could be improved, you can request a review. In this case, your paper will be checked by the writer or assigned to an editor. You can use this option as many times as you see fit. This is free because we want you to be completely satisfied with the service offered.

Order your essay today and save 15% with the discount code DISCOUNT15