Identify a data breach incident from news media and provide an overview of the case; Analyze common security failures and identif
***The Assignment Guidelines is In Word Doc.***
***Read the Guidelines Carefully***
***Check The PDF File to make sure NOT to use one of the cases***
|
CSIS-3001 - Introduction to Cybersecurity Guidelines for The Assignment – Data Breach Incident Analysis
The purpose of this assignment is to be able to: Identify a data breach incident from news media and provide an overview of the case; Analyze common security failures and identify specific cybersecurity principles that have been violated; Given a specific scenario, identify the cybersecurity principles involved or needed to increase the cybersecurity posture; and describe appropriate measures to be taken should a system compromise occur (Business Continuity Plan).
· Data Breach Overview: Provide an overview of the data breach incident you selected, the organization that it occurred in, and indicate if any prior data incidents occurred in that organization previously (Use references to support your claims). · Cybersecurity Failures: Analyze the cybersecurity failures and identify the specific dimension(s) of cybersecurity and their related principles (Hint: McCumber Cube and it's dimensions + relevant principles on each dimension!) that have been violated during the identified data breach incident (Use references to support your claims). · Cyber Risk Management: From recent industry and/or government reports (i.e. less than three years old) and in your own words (no quotes, but use references to support your claims) identify the cyber risk management factors (Likelihood – also known as 'rate of occurrence' + estimated impact) associated with the specific cyber incident that occurred for the organization you're investigating. (Use references to support your claims). Include a simple table to highlight the cyber threat, risk description, likelihood, impact, and actions proposed to mitigate that cyber threat in the future. · Business Continuity Plan: In your own words (no quotes, but use references to support your claims) describe appropriate measures that the organizations should take to mitigate the risk of another data breach incident in the future. · Conclusion: In your own words (no quotes!!!), provide a conclusion that summarizes the whole paper. In particular, you will need to develop a 5- to 7-page document (not more!) that outlines each of the section above and provides the details to address the points above.
All text in the proposal should be word-processed (letter or correspondence-quality font), New Times Roman or Calibri, 12 point, double space and standard margins. The body of the proposal should be 5- to 7-pages long (not including title page, Table of Contents, Reference List). The following information should also be included: Title page: · Assignment Name and Number · Name · Professor's name · Class Name and Number · Due date The report should also be done professionally and should include: · Table of Contents (with sections & page numbers identified – Ensure the context text starts on page 1, frontmatter shouldn't be counted in page numbers) · Page numbers on all pages · Clear and consistent headings of all sections · No running heads · Reference List following APA (At least seven different references) · Certificate of Authorship – Use the certificate provided as the last page of the document within the assignment file (not separate file) Professional and appealing document is expected. As required by Code of Student Conduct and Academic Responsibility, please make sure to document appropriately your references and state it in your own words, or put in quotations.
This case will be graded out of 100 points. This assignment will weight 10 points of your final grade.
The assignment is expected to be completed by the deadline February 25th, 2022
Please submit the assignment in MS Word format (.docx) to the Canvas Assignments Dropbox. A direct link to Assignment Dropbox is provided in the course menu bar on the left. |
,
2/10/22
CSIS3001 – Intro to Cybersecurity
ATM Hack of
2013 = $40M …in 8hrs
1
1
Learning Objectives:
By the end of this session, students should be able to:
• know business device intrusions, specifically when it relates to ATMs
• be familiar with some of the cyber-physical challenges with ATMs and other business devices
• learn how cyber criminals are collaborating to conduct advanced cyber attacks
2
2
1
2/10/22
What’s an ATM?
• Automated Teller Machines (ATM)
• “Bankomat”
3
What’s an ATM (Cont.)
4
4
2
2/10/22
ATMs Attacks
5
5
ATMs Attacks (Cont.)
6
Source: https://www.youtube.com/watch?v=uKcFgCCwwZ8&feature=youtu.be
6
3
2/10/22
From the Media…
• December 2012 and February 2013, a cyber-ring of criminals, operating in more than 24 countries
• $5 million was stolen around the world on December 21, 2012
• Additional $40 million was stolen on February 19, 2013
• Almost 3000 ATMs in New York City in a matter of hours
• Hackers coordinated with cells on the ground to carry out a precise, sophisticated attack
• Total over $45 million global ATM heist
7
7
From the Media… (Cont.)
• Yonkers NY working-class
– Three worked as bus drivers for special-needs children
– Two worked at Kmart
– Another delivered pizza for Domino’s
• Required ”very very low skills” by operators
• Cyber-ring CC: An organization in Russia
involved in money laundering
• Trips to meet in Bucharest (Romanian capital)
8
8
4
2/10/22
From the Media… (Cont.)
9
9
From the Media… (Cont.)
10
10
5
2/10/22
From the Media… (Cont.)
• Far-reaching and best-coordinated cyber- attack
• Using data stolen from prepaid debit card accounts
• MasterCard alerted USSS
11
11
From the Media… (Cont.)
12
12
6
2/10/22
13
From the Media… (Cont.)
“
”
Source:
13
Attack Overview
14
Credit-card
processing company
• Visa and MasterCard prepaid debit cards DB
• Secured 12 account numbers for cards issued by the Bank of Muscat in Oman (Middle east)
• Raised the withdrawal limits
Cashing crews
14
7
2/10/22
Anatomy of the ATMs Breach
15
15
Inside ATM
16
16
8
2/10/22
Inside an ATM (Cont.)
17
17
Inside an ATM (Cont.)
18
18
9
2/10/22
ATM Hack – Closer Look
19
19
ã 2022- -Dr. Yair Levy , College of Computing and Engineering (
Hacking ATM via SMS
20
20
10
2/10/22
41 ATMs in Taiwan in July 2016
21
21
22
ATM Hacking Mitigation
• Use of geo-location + face recognition → 2FA
22
11
2/10/22
23
ATM Hacking Mitigation (Cont.)
• Multibiometrics ATMs
23
• Questions?
• Discussion
24
CYBERSECURITY Everyone's job!
24
12
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
