Six Separate Submissions
Terry Childs Case Review – write a one-page summary
Don't use plagiarized sources. Get Your Custom Essay on
2020
Just from $13/Page
Firion Simtray Report – one-page report
Standards, Policies, and Guidelines Definition – two- to three-page comparison report
Profile Matrix – Attached
Case Issues and solutions Template – Attached
Cybersecurity Recommendations Presentation – slide presentation of 10-15 slides
(2 Discussion posts)
Case Issues and Solutions Template
Category
Issue
Solution
Psychological Factor Matrix
Type of Hacker or Actor
Motivation
Standards, Guidelines, Policies
Terry Childs is available under a
Creative Commons Attribution-ShareAlike License
.
Terry Childs Case
Terry Childs is a former network administrator who was employed by the City of San Francisco. In June 2008, he was arrested and charged with four counts of computer tampering for refusing to divulge the passwords to San Francisco’s FiberWAN system to his supervisors. The city went without administrative control of the network for 12 days; this was considered a denial of service, which is illegal in California.
After being arrested, Childs was held on $5 million bail (McMillan, 2009). He was also accused of tampering with the network and subversively avoiding auditing checks (Venezia, 2008).
Key Events in the Childs Case
|
April 27, 2010
|
Childs was found guilty of one count of felony network tampering on April 27, 2010 by a jury (Begin, 2010).
|
|
August 6, 2010
|
Childs was sentenced to four years in the California State Prison by Judge Teri Jackson. Childs had already served 755 days in prison as of his sentencing. These days were applied to his sentence, leaving him eligible for parole after four-to-six months of incarceration.
|
|
May 17, 2011
|
Childs was ordered by the court to pay nearly $1.5 million in restitution. Childs was released sometime before May 17, 2011 according to his lawyer.
|
|
October 2013
|
The California Court of Appeals affirmed Childs’ conviction and his obligation to pay nearly $1.5 million in restitution (People v. Childs).
|
References
Begin, B. (2010, April 27). Network engineer Terry Childs found guilty of network tampering. The San Francisco Examiner.
McMillan, R. (2009, August 31). Judge won’t lower $5M bail for SF IT Administrator. PC World.
People v. Childs, 2013 WL 5779044 (Cal. App. Ct. Oct. 25, 2013).
Venezia, P. (2008, July 31). Sorting out the facts in the Terry Childs case. CIO website. IDG publications.
Profile Matrix
Type of Hacker or Other Nonstate Actor
Psychological Profile, Main Motivation, Threats to the Organization, Benefits to the Organization, Standard, Guideline or Policy that Best Applies (if Applicable).
P4
Six Separate Submissions
Terry Childs Case Review – write a one-page summary of your
Firion Simtray Report – one-page report
Standards, Policies, and Guidelines Definition – two- to three-page comparison report
Profile Matrix
– Attached
Case Issues and solutions Template – Attached
Cybersecurity Recommendations Presentation – slide presentation of 10-15 slides
(2 Discussion posts)
Project Scenario
As you go through the morning’s e-mail, you notice one from your boss that links to an article about the Terry Childs cyber breach case. Childs, an administrator in the San Francisco IT department who had sole control of the city-wide network, refused to provide passwords to anyone else after a dispute with a city official, effectively locking down the network. “Let’s discuss this,” says your boss at the end of the e-mail, and you proceed to meet with him in his office.
Your boss points out that the Childs case indicates the vulnerability of any network in which one administrator has too much control. “While that isn’t likely to happen here,” the boss says, “we need to ensure that we have the proper standards, policies, and guidelines to ensure the safety of our systems.”
In addition, your boss points out that even though Childs is an “insider,” his actions resemble those of a typical hacker. You realize that understanding what makes hackers “tick” might be a good basis to set up intrusion prevention initiatives at your company.
The boss agrees and asks you to create a presentation. It will include a typical hacker profile, the characteristics of ethical and unethical hackers, and recommendations in the areas of people, technology, and standards/policy, which can be used by the company to ensure the safety of its systems from internal as well as external threats.
When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.
Step 1: Review the Terry Childs Case
Before getting started on the presentation, you will want to first learn about the
Terry Childs case
. Research the case and write a one-page summary of your findings. Your summary should answer the following questions:
· What led to Childs being charged with a crime?
· How did his employer respond to his actions? What did it do right and/or wrong?
· What could the company have done to better secure its assets?
Your summary should be thorough and include a references page. The information gathered will be used in your final presentation. You will use this summary as Appendix A to your presentation.
Submit the Terry Childs Case Review for feedback.
Step 2: Project Practice – SIMTRAY Firion: Day 1
Now that you have been introduced to an actual case of insider threats, you will practice handling insiders in a simulated environment. The world of cybersecurity is populated with diverse people with a diversity of perspectives. Every now and then, individuals may violate certain standards of behavior or ethics. It is in an organization’s best interest to identify these people and address their core issues, either through motivation, incentives, or by developing a strong relationship with them. In the event that this course of action fails, organizations must be prepared to employ graduated adverse personnel actions.
You will learn how to resolve issues and provide a secure environment by exploring the SIMTRAY titled, “
Firion: Find Your Way in Three Days.
” SIMTRAY is a simulation that presents you with scenarios that will provide insight into how information security management handles various issues. Some of the issues and topics addressed in this exercise include hacker profiles, insider threats, laws concerning privacy, anonymity – definition, and digital rights management.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.
Step 3: Project Practice – SIMTRAY Firion: Day 2
In the previous step, you started to examine the SIMTRAY, “Firion: Find Your Way in Three Days.” In this step, continue to focus on SIMTRAY, but document the specific issues that you would like to include in your presentation. You may encounter the following topics in this exercise: hacker profiles, insider threats, laws concerning privacy, anonymity – definition, and digital rights management.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Record your best score and at least one lesson learned from the exercise to include in your report at the end of the three-day simulation.
Step 4: Project Practice – SIMTRAY Firion: Day 3
In this step, you should continue to explore the scenarios within SIMTRAY, “Firion: Find Your Way in Three Days.” If you have not already, you will most likely encounter the following topics in this exercise: hacker profiles, insider threats, laws concerning privacy, anonymity – definition, and digital rights management. Document specific issues that you experience in the exercise that you would like to include in your presentation. Think about how these issues might be addressed by guidelines and policy.
The SIMTRAY will provide you with scores to give you a sense on how well you are grasping the concepts. The sections are timed for 30 minutes; however, you can run the SIMTRAY as many times as you need. Compile your recorded scores, lessons learned, and documented industry issues into a one-page report. You will use this report as Appendix B to your presentation.
Submit your Firion Simtray Report for feedback.
Step 5: Psychological Factors
In the previous three steps, you completed simulation activities handling insiders. In the next few steps, you’ll examine intrusion motives / hacker psychology. In order to fully understand the Terry Childs case, it is important to understand that one’s internal motivations play a significant role in their actions.
Your next assignment will require you to create a
Psychological Factor Matrix
that summarizes types of hackers and actors, their motivations, and what sort of standards, policies, and guidelines would be most suitable to mitigate their impact. In order to prepare for this assignment, you will need to dig deeper into the psychological factors that affect hackers. Review the hacker psychology and sociological aspects resource on the hackers and actors topic page and document the following:
· What psychological factors motivate hackers and actors (e.g., addiction, crime, greed, status)?
· Give examples where these motivations were a factor in a cyberattack.
· What can organizations do to be more proactive in identifying and addressing these threats?
While you do not need to submit your findings, they will be essential to the completion of your Profile Matrix in a later step.
Step 6: Hacking as an Addiction
After considering psychological factors of hackers and actors in the last step, you will expand your exploration into the concept of hacking as an addiction.
In examining the psychological factors of hackers, some mental health and criminal justice professionals contend that hacking is an “addiction” and causes obsessive, risk-taking behavior in a manner similar to illegal narcotics—hackers hack to “get high” from the thrill of breaking into a system and getting away with it. Examine and document your thoughts on the following questions:
· Should policy makers look toward treatment, rather than incarceration, as to the disposition of hackers? Why or why not?
Think about this question in relation to the Childs case and how it will affect your recommendations.
Post your thoughts to the discussion board for feedback.
Step 7: Ethical vs. Unethical Hackers
As the cybersecurity field expands, the larger community discourse leads to changes in terminology. While some of our course materials may differentiate between the term’s “hackers” and “crackers” as threat actors, we will use the terms “ethical hackers” and “nonethical hackers” to make the same differentiation. Learn about the different types of hackers, or non-state actors, and document the following:
· How do the profiles for ethical and unethical hackers differ?
· Should these psychological attributes make a difference as to the amount of, or nature of the punishment meted out to those who are caught? Why or why not?
· Describe how certain factors can also motivate ethical hackers, or those who defend against cyberattacks? (e.g., revenge, patriotism, fear of government abuse, pride, respect for the law, ownership, anger, retaliation).
While you do not need to submit your findings, they will be essential to the completion of your matrix in a later step.
Step 8: Hacker Profiling
In the previous step, you learned about the psychological factors that motivate hackers. In this step, you will go a bit further by learning how to profile hackers — a skill that is essential to the success of cybersecurity professionals. Read about hacker profiling hackers and document the following:
· How do profiles of ethical and unethical hackers differ?
· While psychological profiling of criminals is not a new field, should we attempt to profile cybercriminals?
· What sort of things do we already know about the personalities of cybercriminals?
· Do we have enough evidence to indicate there is a distinct psychological pattern that would help in the apprehension of cybercriminals?
In the next step, you will use all the information you’ve learned about hackers to create a matrix.
Step 9: Define Standards, Policies, and Guidelines
Before you can complete the Profile Matrix and develop solutions for your company, you will need to take a closer look at how standards, policies, and guidelines affect a company’s security posture. You probably already have questions about what policies were in place prior to the Childs incident. In this step, you dig deeper and learn more about the difference between standards, policies, and guidelines by creating a two- to three-page comparison report. Your report should answer the following questions:
· What is the difference between standards, policies, and guidelines?
· How do they relate to one another?
· How well do they work in securing networks and data within the organization?
This report is particularly important because it will affect the recommendations you make to your boss regarding the case. You will use this report as Appendix C to your presentation.
Submit your Standards, Policies, and Guidelines Definition for feedback.
Step 10: Profile Matrix
Now that you have familiarized yourself with the concepts of hackers and standards, policies, and guidelines, it is important to understand how to match the two in an organization.
For this assignment, prepare a Profile Matrix that lists the different types of hackers in the first column, and for each, list the psychological profile, main motivations, threats to the organization, benefits to the organization, and whether or not a standard, guideline, or policy best applies to them. Be sure to identify an example of a standard, guideline, or policy that may apply. You should identify a minimum of six hacker-type examples. This will assist you in both helping upper management identify insider threats and to prevent future breaches.
Finally, at this point in your assignment, you should have encountered concerns about using profiles to “watch” employees and the benefits and dangers of doing so. Include a short paragraph about your findings to the matrix.
Submit your Profile Matrix for feedback.
Step 11: Insider Threat eLearning Module – Insider Fraud at Daytona Investment Bank
Now that you’ve completed your profile matrix, the next step will be for you to investigate an insider threat scenario.
This exercise discusses a fictitious scenario about
Insider Fraud at Daytona Investment Bank.
In the scenario an internal investigation revealed that Shane Kerry, an arbitrage trader specializing in Asian stock markets, used his knowledge of the bank’s internal information security controls to disguise fraudulent transactions. These transactions resulted in a loss of $2 billion.
After completing the exercise, answer the following question:
· Could specific standards, policies, and guidelines or other countermeasures have prevented these fraudulent transactions? Please explain.
Post your answer to the discussion board for feedback.
Step 12: Case Issues and Solutions
After completing your research, practice simulations, and documentation in the prior steps, you are now ready to review and digest the case information in order to identify what went wrong in the Childs case. Reread the annotated research items that you collected for the case in Step 1 and identify the examples of poor judgment from Childs and the organization that may have led to the event. Consider the effects of cybercrime and the effects of increased cyber protection on an organization’s mission.
Use the
Case Issues and Solutions Template
to categorize and annotate a minimum of three issues (each) that pertain to each of the following:
· people (human factors)
· technology
· standards, policies, or guidelines
Submit your completed Case Issues and Solutions Template for feedback.
Step 13: Summarize and Develop Your Solutions
In the previous step, you identified the major issues in the Childs case. It is now time to discuss the solutions. In order to develop recommendations to include in your presentation, you must first prepare your solutions. Summarize recommended solutions to alleviate the insider threat caused by Childs, with at least three recommendations each in the categories of people, technology, and policy. Rank your recommended solutions in order of “must implement,” “highly recommended,” and “generally recommended.” You will use this solutions summary to develop your recommendations in your final presentation.
Step 14: Document in a Presentation
You now have all of the information needed to develop the slide presentation that provides information to the San Francisco City office to avert situations similar to the Childs case. Develop a narrated, slide presentation of 10-15 slides that shows your findings. Include all of the information you gathered from your previous research, summaries, and reports.
Submit your final presentation with Appendices when complete.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
· 1.7: Create neat and professional looking documents appropriate for the project or presentation.
· 2.1: Identify and clearly explain the issue, question, or problem under critical consideration.
· 6.3: Integrate the human aspect of cybersecurity into an organization’s cybersecurity policy.
