Cyber security scenario-based discussion

 


Chapter 1 provided a high-level overview of the need for a national framework for protecting critical infrastructure. For some additional reading, take a look at the latest Presidential Order that relates to strengthening cybersecurity that relates to critical infrastructure:

https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengthening-cybersecurity-federal-networks-critical-infrastructure/

After reading chapter 1 and looking at the link above, write a discussion post.

Consider the following real-world scenario and how the Department of Homeland Security (DHS) plays into it. In the scenario, the United States will be hit by a large-scale, coordinated cyber attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies is paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit. Please explain how DHS should handle this situation.


Chapter 1: Introduction
Cyber Attacks: Protecting National Infrastructure, 1st ed.
Copyright © 2012, Elsevier Inc. All Rights Reserved

Introduction

• National infrastructure
  – Refers to the complex, underlying delivery and support systems for all large-scale services considered absolutely essential to a nation
• Conventional approach to cyber security not enough
• New approach needed
  – Combining best elements of existing security techniques with challenges that face complex, large-scale national services

Fig. 1.1 – National infrastructure cyber and physical attacks

Fig. 1.2 – Differences between small- and large-scale cyber security

National Cyber Threats, Vulnerabilities, and Attacks

• Three types of malicious adversaries
  – External adversary
  – Internal adversary
  – Supplier adversary

Fig. 1.3 – Adversaries and exploitation points in national infrastructure

National Cyber Threats, Vulnerabilities, and Attacks

• Three exploitation points
  – Remote access
  – System administration and normal usage
  – Supply chain

National Cyber Threats, Vulnerabilities, and Attacks

• Infrastructure threatened by most common security concerns:
  – Confidentiality
  – Integrity
  – Availability
  – Theft

Botnet Threat

• What is a botnet attack?
  – The remote collection of compromised end-user machines (usually broadband-connected PCs) is used to attack a target.
  – Sources of attack are scattered and difficult to identify
• Five entities that comprise a botnet attack:
  – Botnet operator
  – Botnet controller
  – Collection of bots
  – Botnet software drop
  – Botnet target
• Distributed denial of service (DDOS) attack: bots create a “cyber traffic jam”

Fig. 1.4 – Sample DDOS attack from a botnet
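An added example, not from the slides or the book, of why scattered sources make a botnet DDOS hard to handle with per-source controls alone: it summarises constructed flow records toward one target and flags the case where the aggregate request rate is far above baseline while no single source exceeds a per-source limit. The target address, the observation window, the baseline rate and the thresholds are assumptions made for the example.

```python
"""Added example (not from the slides or the book): recognising the
"scattered sources" signature of a botnet-driven DDOS in flow records.

Each bot sends a modest number of requests, so a per-source rate limiter
sees nothing unusual; only the aggregate toward the target stands out.
All log lines below are constructed for the example."""
from collections import Counter
from dataclasses import dataclass

TARGET = "198.51.100.5"  # assumed target address (documentation range)

# Constructed "normal" flow records: "epoch_seconds src_ip dst_ip requests"
NORMAL_FLOWS = """\
1700000000 203.0.113.10 198.51.100.5 40
1700000000 203.0.113.11 198.51.100.5 35
1700000001 203.0.113.12 198.51.100.5 30
1700000002 203.0.113.10 198.51.100.5 45
"""

# Constructed flood: 400 distinct sources, only 5 requests each, same window
FLOOD_FLOWS = "\n".join(
    f"1700000000 10.{i // 256}.{i % 256}.7 {TARGET} 5" for i in range(400)
) + "\n"


@dataclass
class FlowSummary:
    total_requests: int
    distinct_sources: int
    max_source_requests: int
    window_seconds: int

    @property
    def aggregate_rps(self) -> float:
        return self.total_requests / self.window_seconds

    @property
    def max_source_rps(self) -> float:
        return self.max_source_requests / self.window_seconds


def parse_flows(text: str):
    """Parse the constructed flow records, skipping blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield int(parts[0]), parts[1], parts[2], int(parts[3])
        except ValueError:
            continue


def summarize_flows(text: str, target: str, window_seconds: int) -> FlowSummary:
    """Aggregate requests toward one target over a fixed window."""
    per_source = Counter()
    for _ts, src, dst, n in parse_flows(text):
        if dst == target:
            per_source[src] += n
    return FlowSummary(
        total_requests=sum(per_source.values()),
        distinct_sources=len(per_source),
        max_source_requests=max(per_source.values(), default=0),
        window_seconds=window_seconds,
    )


def is_distributed_flood(s: FlowSummary, baseline_rps: float,
                         per_source_limit_rps: float,
                         multiplier: float = 5.0) -> bool:
    """Aggregate far above baseline while no single source trips the
    per-source limit: the pattern a per-IP limiter alone would miss."""
    return (s.aggregate_rps > multiplier * baseline_rps
            and s.max_source_rps <= per_source_limit_rps)


if __name__ == "__main__":
    for label, text in (("normal", NORMAL_FLOWS), ("flood", FLOOD_FLOWS)):
        s = summarize_flows(text, TARGET, window_seconds=10)
        print(label, s.distinct_sources, "sources,",
              f"{s.aggregate_rps:.1f} rps aggregate,",
              f"{s.max_source_rps:.1f} rps max per source,",
              "distributed flood:", is_distributed_flood(s, 15.0, 10.0))
```

The point the slide makes in prose shows up in the numbers: in the flood the loudest single source stays under one request per second, so only the aggregate toward the target, combined with the count of distinct sources, gives the defender an indicator to act on.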

National Cyber Security Methodology Components

• Ten basic design and operation principles:
  – Deception
  – Separation
  – Diversity
  – Commonality
  – Depth
  – Discretion
  – Collection
  – Correlation
  – Awareness
  – Response

Deception

• Deliberately introducing misleading functionality or misinformation for the purpose of tricking an adversary
  – Computer scientists call this functionality a honey pot
• Deception enables forensic analysis of intruder activity
• The acknowledged use of deception may be a deterrent to intruders (every vulnerability may actually be a trap)

Fig. 1.5 – Components of an interface with deception

Separation

• Separation involves enforced access policy restrictions on users and resources in a computing environment
• Most companies use enterprise firewalls, which are complemented by the following:
  – Authentication and identity management
  – Logical access controls
  – LAN controls
  – Firewalls

Fig. 1.6 – Firewall enhancements for national infrastructure

Diversity

• Diversity is the principle of using technology and systems that are intentionally different in substantive ways.
• Diversity is hard to implement
  – A single software vendor tends to dominate the PC operating system business landscape
  – Diversity conflicts with organizational goals of simplifying supplier and vendor relationships

Fig. 1.7 – Introducing diversity to national infrastructure

Commonality

• Consistency involves uniform attention to security best practices across national infrastructure components
• Greatest challenge involves auditing
• A national standard is needed

Depth

• Depth involves using multiple security layers to protect national infrastructure assets
• Defense layers are maximized by using a combination of functional and procedural controls

Fig. 1.8 – National infrastructure security through defense in depth

Discretion

• Discretion involves individuals and groups making good decisions to obscure sensitive information about national infrastructure
• This is not the same as “security through obscurity”

Collection

• Collection involves automated gathering of system-related information about national infrastructure to enable security analysis
• Data is processed by a security information management system.
• Operational challenges
  – What type of information should be collected?
  – How much information should be collected?

Fig. 1.9 – Collecting national infrastructure-related security information

Correlation

• Correlation involves a specific type of analysis that can be performed on factors related to national infrastructure protection
  – This type of comparison-oriented analysis is indispensable
• Past initiatives included real-time correlation of data at a fusion center
  – Difficult to implement

Fig. 1.10 – National infrastructure high-level correlation approach

Awareness

• Awareness involves an organization understanding the differences between observed and normal status in national infrastructure
• Most agree on the need for awareness, but how can awareness be achieved?

Fig. 1.11 – Real-time situation awareness process flow

Response

• Response involves the assurance that processes are in place to react to any security-related indicator
  – Indicators should flow from the awareness layer
• Current practice in smaller corporate environments of reducing “false positives” by waiting to confirm disaster is not acceptable for national infrastructure

Fig. 1.12 – National infrastructure security response approach

Implementing the Principles Nationally

• Commissions and groups
• Information sharing
• International cooperation
• Technical and operational costs
