Malicious Activities

The three major types of malicious activities that organizations and information systems face include:

  • Hostile or malicious insider activity.
  • Theft of private, proprietary, or sensitive data, by insiders or external attackers.
  • Large-scale DoS (denial-of-service) attacks.

Go to Strayer University Library to research one of these types of malicious activities.

  • Describe a present-day example of your selected type of malicious activity and its impact on the organization.
  • Specify the countermeasures the organization took to address the malicious activity.
  • Recommend at least one additional preventative countermeasure and at least one countermeasure organizations could take to address this type of activity once it has occurred.
  • Provide a full citation and reference, formatted according to Strayer Writing Standards.

Sample Solution

Malicious Activity: Hostile or malicious insider activity

Present-Day Example: Colonial Pipeline Ransomware Attack (May 2021)

The Colonial Pipeline, responsible for transporting nearly half of the East Coast’s fuel supply, suffered a sophisticated cyberattack in May 2021. A former employee with access credentials used their knowledge to gain unauthorized entry into the system, deploying DarkSide ransomware that encrypted crucial data and disrupted operations. The attack forced the pipeline to shut down for several days, leading to fuel shortages and panic buying across the East Coast.

Impact on the Organization:

  • Operational disruption: The shutdown of the pipeline for five days caused widespread fuel shortages, impacting gas stations, airports, and emergency services.
  • Financial losses: Colonial Pipeline paid $4 million in ransom to regain access to its systems, incurring additional costs for restoring operations and mitigating reputational damage.
  • Regulatory scrutiny: The attack spurred increased scrutiny from government agencies and industry regulators, leading to stricter cybersecurity requirements for critical infrastructure operators.

Countermeasures Taken:

  • Improved access controls: Colonial Pipeline implemented stricter access controls, including multi-factor authentication and least privilege principles, to limit unauthorized access.
  • Enhanced security awareness training: The company provided enhanced cybersecurity awareness training to employees to identify and report suspicious activity.
  • Enhanced security monitoring: The company implemented more robust security monitoring systems to detect and respond to potential threats in real time.

Additional Preventative Countermeasure:

  • Privileged Access Management (PAM) solutions: Implementing PAM solutions can further restrict and monitor access to critical systems, especially for privileged users.

Countermeasure for Ongoing Attack:

  • Incident Response Plan: Having a well-rehearsed incident response plan helps organizations contain the damage and restore operations quickly and efficiently during an attack. This includes isolating compromised systems, notifying law enforcement, and engaging cybersecurity experts.
