Develop reliable, ethical methods to detect, characterize, and counter cyber threat actors
SCENARIO
Your organization, a healthcare firm, has been experiencing some issues with its information systems. As a new security analyst, you have been tasked with getting the system fully patched and up to date. You run into a problem with a third-party vendor, Stellar Technologies. Stellar Technologies created and maintains a software application called My Patient Records. The company is owned by the son of the chief information security officer (CISO) of the healthcare firm at which you are employed. The software is used as a primary source for all personally identifiable information for all patients. While you are doing the scheduled patch management of the network, the My Patient Records application stops working due to a software version compatibility issue. As you look into the compatibility issue, you discover Stellar Technologies has not patched their own software. You know this may lead to a known vulnerability called Take My Data, which might allow external entities to gain unauthorized entry into the information system. When confronted, Stellar Technologies denies the claim. They require that a clone of the system (a complete copy of the application, including all its data) be sent to their facilities so they can do their own testing on it. When you bring this up to the CISO during your research, he determines that you should make the clone of the system and provide it to Stellar Technologies, but that it isn't necessary to secure any other approvals or notify anyone else about the situation, including anyone in your own chain of command within the organization.
Questions
In your technical brief, you must address the critical elements listed below. The codes shown in brackets indicate the course competency to which each critical element is aligned.
I. Introduction
A. Identify your threat actors and characterize their motivations or desired outcomes. Use research from the Project Three resource guide or decision aid to support your response. For example, is the threat actor gathering information for financial gain? [CYB-200-02]
II. Analysis
A. Describe best practices or methods for detecting the threat actors from the scenario. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]
B. Describe ethical and legal factors that should be considered and their significance in terms of the company for which you are employed in the scenario. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]
C. Describe at least one tactic or method that is important in responding to and countering this threat actor. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]
D. Describe at least one tactic or method that would be employed to reduce the likelihood of the same situation happening again. Use research from the Project Three resource guide or decision aid to support your response. [CYB-200-02]
III. Conclusion
A. Explain the potential ramifications of the tactics or methods you have suggested. Use research from the resource guide or decision aid to support your response. [CYB-200-02]