Research a recent cyber-attack and using the Attack Case Study outlined in our text In Section 2.3.3 write a paper detailing the attack. Minimum length 600 words not counting reference page.
2.3.3 Studying Cyberattacks
In Chapter 1 we learned how to profile threat agents. We used news reports and other published sources to fill out the profile. Here we study potential and actual attacks. The studies take two forms:
1. Attack scenarios: These study possible attacks. While a scenario doesn’t need to describe an attack that has actually occurred, it should be based on facts. For example, it can adapt a previously reported attack to use different resources or affect different assets. The scenario doesn’t identify relevant threat agents; it focuses on goals and resources instead.
2. Attack case studies: These review actual attacks, both successes and failures. A case study always includes an attack scenario. Additional sections identify the threat agent responsible for the attack, and they assess the effectiveness of preattack risk management activities.
Be sure to use authoritative sources when writing a scenario or case study. Section 1.3.1 discussed different sources of technical information to be used in threat agent profiling. The same recommendations apply to attack studies: primary sources are best, but other authoritative sources may be used if they are trustworthy.
As with threat agents, attacks often affect non-cyber resources. We can use these techniques to study non-cyberattacks as well as cyberattacks.
book: Smith, R. E. (2016). Elementary information security, 2nd edition. Subury, MA: Jones & Bartlett Learning.