(1) As the CISO of CTS, the author is looking for solutions to a "rEvil" attack that breached the company's systems.
(2) The author analyzes the attack using the McCumber cube model covering confidentiality, integrity, and availability (CIA triangle) across policy, education, and technology for storage, processing, and transmission.
(3) The analysis shows the attack compromised confidentiality by accessing private information, integrity by encrypting data, and availability by encrypting data and suspending business operations until ransom is paid.
Final ppt g08
1. Introduction
• As chief information security officer at
Complete Technology Solutions (CTS),
we are looking for solutions to a breach
within the company due to a “rEvil”
attack.
• As the security model for this attack we
have considered the McCumber cube,
covering all 3 dimensions:
• Confidentiality, integrity, and
availability (CIA triangle)
• Policy, education, and technology
• Storage, processing, and
transmission
GROUP 08:
BORIS MOLOKANOV 101234411
AMIR BOZORGMEHR 101174136
HETVI NAIK 101212340
HARDHALWINDER SINGH 101232893
ANANDU KARTHIKEYAN 101238315
ASHWINI KOTIYAN 101272672
SOLUTIONS FOR
“rEvil” ATTACK
3. Extensive McCumber study
Effects
• Confidentiality:
“Sodinokibi” has gained access to information of
patients, reports, payment methods, media, and
institutional giving insurance.
• Integrity:
The data is encrypted and hence can be tampered with.
• Availability:
Because “rEvil” encrypts the data, clients have
no access and hence the entire business
is suspended.
5. Confidentiality-Storage
Policy
External devices are restricted.
Education
The storage path and pattern should
be assigned to staff and clients as well.
Technology
Antivirus on the repository, and
processing data bit by bit for storage.
Confidentiality-Transmission
Policy
Sharing or personal storage should
be prohibited. Personal media is
not allowed.
Education
Staff should be trained to log
out of or lock devices once the work is
done.
Technology
An ad blocker and proper siting should be
used to avoid untrusted elements.
6. Integrity-Processing
Policy
2-step authentication can be
used to decrypt or encrypt,
or even to access, the
data.
Education
Staff should be trained
to always confirm before
downloading attachments or
installing elements.
Technology
Pop-ups and third-party links
should be blocked with
secure applications.
Integrity-Storage
Policy
There should be credential-based login
and restricted access, along with
permissions assigned to
different groups of people.
Education
Clients should also be trained
in proper authenticated access
and storage patterns, as well as in using
only updates provided by the company and
locking after every use.
Technology
Update and maintain the firewall
and blocking applications like
antivirus.
7. Integrity-Transmission
Policy
• Taking snapshots or creating backups by
unauthorized users must be prohibited.
Education
• Clients and staff should be trained about secure
modes of communication and use codes or any
type of verification before communications.
Technology
• Additional authentication on the client side for
every action can reduce the risk of being hacked.
8. Availability-Processing
Policy
To be always available for
processing, the system must be
locked or logged out after each
use and require authorized login.
Education
Update the staff on the latest
security vulnerabilities and train
them to recognize and avoid
them.
Technology
Backing up and storing data at
different locations after
encrypting it bit by bit is the main way
of shielding the data from
security breaches.
9. Availability- Storage
Policy
To be available for storage,
intervals should be assigned
for each level of authority.
Education
Staff and clients should be
made aware that the
authority assigned to them
differs for different
information and processes.
Technology
For physical access,
biometrics should be the
mode of access. For virtual
access, on the other hand,
credentials should be used.
Availability- Storage
Policy
Use secure means of
communication
Education
Train the staff with practical
drills
Technology
• VPN used for communication.
10. Conclusion-
Mitigation
• From this study we can conclude that rEvil, or
Sodinokibi, is malicious software used by
hackers to hold important documents hostage by
encrypting them and then asking
for a ransom.
• The McCumber Cube is a basic and extensive study for
developing the security model for this kind of
breach and lessening its impact on each
aspect.
• The major precaution is to use company-approved
apps and software and to block
suspicious elements. Security
measures such as biometrics,
assigned access controls and VPN are to be taken
to prevent further damage.