Question
Case Study

THE CASE SCENARIO

The victim: A bank with 400 networked Windows PCs, 100 in a central office, with another 300 in branch offices. Upon arrival of the incident response team, we identified that the client had no security protection in place. The network administrators had no clue as to what was going on in the network, there was no security tool, and the perimeter had no IPS/IDS system in place.

All the organization's user systems are Windows and Windows. Employees are using Windows mail systems which operate on Office and MS Outlook. The cyber security team identified that the infection started with a phishing email.

THE MALWARE

The malware was identified as ETEY, specifically a newer variant that resisted efforts by utility programs such as Norton AntiVirus to remove it. The bank admin also checked the registry settings as described by Malwarebytes, hoping to isolate the exact nature of the threat, but had no luck. ETEY has a nasty habit of deleting key files in its wake in order to confound attempts to stop it.

The bank decided to restart the server and see how things went. While the server was down, though, the firm had to write down new transactions on little slips of paper. It was chaos.

Each infected folder contained files: # DecryptReadMefile.txt
It encrypted any file on the target extension list, giving it a random filename with the ETEY extension.

The malware infected all PCs at the central office and all the systems at branch offices. The damage to these infected machines was not serious since they could be reimaged. The servers hosting critical banking information and databases were a big issue, since the bank admin found out the backups had been failing: the log files were all encrypted, as well as config files and group setting files.

THE DEMAND

The # DecryptReadMe file contained a message asking for Bitcoins about $ to restore the organization's systems and data, including details on how to make payment.

The bank's management decided that they had no other avenue but to pay the amount. Cybersecurity experts first tried to recover files from the physical servers but had no luck, because most of the files were corrupted. The team proceeded with negotiation and was able to bring down the negotiated amount to bitcoins.

Answer the following questions:

What are the vulnerabilities in this case study?
There are principles of information security, which one do you think did not apply? State
What are the three components of the C.I.A. triangle? What are they used for?
If the C.I.A. triangle is incomplete, why is it so commonly used in security?
What is the difference between vulnerability and threat in this case study?
Discuss ways in which you are going to reduce the risk.
What advice could you offer to the firm on steps it could have taken to prevent this incident?