Discussion

 

In this scenario, hackers launch cyber attacks that affect several parts of the nation’s financial infrastructure over the course of several weeks. Specifically, sensitive credit card processing facilities are hacked and numbers are released to the Internet, causing 120 million cards to be cancelled; automated teller machines (ATMs) fail nearly simultaneously across the nation; major companies report payroll checks are not being received by workers; and several large pension and mutual fund companies have computer malfunctions so severe that they are unable to operate for more than a week. Identify the countermeasures that need to be implemented to prevent these cyber attacks from occurring in the future.

Don't use plagiarized sources. Get Your Custom Essay on
Discussion
Just from $13/Page
Order Essay

Start a discussion thread and discuss what type(s) of countermeasures need to be implemented to prevent the cyber attack described above from occurring in the future. Be specific in recommending countermeasures for this scenario.

You must do this following:

1) Create a new thread. As indicated above,  discuss what type(s) of countermeasures need to be implemented to prevent the cyber attack described above from occurring in the future. Be specific in recommending countermeasures for this scenario.

1

Copyright © 2012, Elsevier Inc.

All Rights Reserved

Chapter

7

Discretion

Cyber Attacks
Protecting National Infrastructure, 1st ed.

2

• Proprietary information will be exposed if discovered
by hackers

• National infrastructure protection initiatives most
prevent leaks
– Best approach: Avoid vulnerabilities in the first place

– More practically: Include a customized program focused
mainly on the most critical information

Copyright © 2012, Elsevier Inc.

All rights Reserved

C
h
a
p
te

r 7

D
is

c
re

tio
n

Introduction

3

• A trusted computing base (TCB) is the totality of
hardware, software, processes, and individuals
considered essential to system security

• A national infrastructure security protection program
will include
– Mandatory controls

– Discretionary policy

• A smaller, less complext TCB is easier to protect

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re

tio
n

Trusted Computing Base

4

Fig. 7.1 – Size comparison issues in a
trusted computing base

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

5

• Managing discretion is critical; questions about the
following should be asked when information is being
considered for

disclosure

– Assistance

– Fixes

– Limits

– Legality

– Damage

– Need

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n
Trusted Computing Base

6

• Security through obscurity is often maligned and
misunderstood by security experts
– Long-term hiding of vulnerabilities

– Long-term suppression of information

• Security through obscurity is not recommended for
long-term protection, but it is an excellent
complementary control
– E.g., there’s no need to publish a system’s architecture

– E.g., revealing a flaw before it’s fixed can lead to rushed
work and an unnecessary complication of the situation

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Security Through Obscurity

7
Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.2 – Knowledge lifecycle for
security through obscurity

8

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.3 – Vulnerability disclosure
lifecycle

9

• Information sharing may be inadvertent, secretive, or
willful

• Government most aggressive promoting information
sharing

• Government requests information from industry for
the following reasons
– Government assistance to industry

– Government situational awareness

– Politics

• Government and industry have conflicting
motivations

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Information Sharing

10

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.4 – Inverse value of information
sharing for government and industry

11

• Adversaries regularly scout ahead and plan before an
attack

• Reconnaissance planning levels
– Level #1: Broad, wide-reaching collection from a variety of

sources

– Level #2: Targeted collection, often involving automation

– Level #3: Directly accessing the target

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Information Reconnaissance

12

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.5 – Three stages of
reconnaissance for cyber security

13

• At each stage of reconnaissance, security engineers
can introduce information obscurity

• The specific types of information that should be
obscured are
– Attributes

– Protections

– Vulnerabilities

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n
Information Reconnaissance

14

• Layering methods of obscurity and discretion adds
depth to defensive security program

• Even with layered obscurity, asset information can
find a way out
– Public speaking

– Approved external site

– Search for leakage

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Obscurity Layers

15

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.6 – Obscurity layers to protect
asset information

16

• Governments have been successful at protecting
information by compartmentalizing information and
individuals
– Information is classified

– Groups of individuals are granted clearance

• Compartmentalization defines boundaries, which
helps guides decisions

• Private companies can benefit from this model

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Organizational Compartments

17

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.7 – Using clearances and
classifications to control information

disclosure

18

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

Fig. 7.8 – Example commercial mapping
of clearances and classifications

19

• To implement a national discretion program will
require
– TCB definition

– Reduced emphasis on information sharing

– Coexistence with hacking community

– Obscurity layered model

– Commercial information protection models

Copyright © 2012, Elsevier Inc.
All rights Reserved
C
h
a
p
te
r 7

D
is
c
re
tio
n

National Discretion Program

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.

image

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

image

Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

  • Most Qualified Writer $10FREE
  • Plagiarism Scan Report $10FREE
  • Unlimited Revisions $08FREE
  • Paper Formatting $05FREE
  • Cover Page $05FREE
  • Referencing & Bibliography $10FREE
  • Dedicated User Area $08FREE
  • 24/7 Order Tracking $05FREE
  • Periodic Email Alerts $05FREE
image

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

  • On-time Delivery
  • 24/7 Order Tracking
  • Access to Authentic Sources
Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

image

Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Sign Up Talk to Us

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

Categories
All samples
Essay (any type)
Essay (any type)
The Value of a Nursing Degree
Undergrad. (yrs 3-4)
Nursing
2
View this sample

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.

0+

Happy Clients

0+

Words Written This Week

0+

Ongoing Orders

0%

Customer Satisfaction Rate
image

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

Call Us +1 (877) 657-8180 Discuss Order Details Now

See How We Helped 9000+ Students Achieve Success

image

We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

  • Clear elicitation of your requirements.
  • Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

  • Proactive analysis of your writing.
  • Active communication to understand requirements.
image
image

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

  • Thorough research and analysis for every order.
  • Deliverance of reliable writing service to improve your grades.
Place an Order Start Chat Now
image

Order your essay today and save 30% with the discount code Happy

Order Now