Stuxnet and U.S Incidence Response
Student Name
Professor Name
Institution
Date
The U.S. Computer Emergency Readiness Team is a body
mandated to protect the country’s internet infrastructure and to
ensure the general welfare of all public entities on the internet.
It devises methods to respond clearly to cyber security attacks
that might pose a threat to the nation. It works alongside the
Department of Homeland Security, together with multiple other
private and public companies, in accomplishing this task
(Techopedia, 2018).
The U.S. CERT engages in a number of activities in order to
make the internet a safe place for the entire nation. For
instance, it devises means for the public to report any cyber
threat or attack that they suspect, so that appropriate action can
be taken. It also engages in educational ventures with the aim
of making the public and industries aware of data security
and threats.
The body also has the role of making the general public aware of
looming cyber security strikes and attacks. It gathers
information from various sources, and analysis of this
information can help it point out possible security threats that
various bodies are facing or are at risk of. By so doing it is able
to prevent any loss that could have come about as a result of such
attacks (ICS-CERT, 2015).
The emergency response team also takes part in coordinating
the recovery activities in emergency situations in conjunction
with other firms. These activities are aimed at reducing the
impact that a cyber attack makes and at restoring any data
or operations that might have been brought down as a result of
the attack.
An analysis of the data gathered from security threats is also
made by the firm in order to learn more about the nature of
attacks and to prevent future attacks from happening.
Additionally, it conducts an evaluation of malware
applications in order to better know which systems are at risk of
attacks and how these attacks can be detected in a system
(Ferran, 2012).
The response team also has the role of working hand in hand
with other security agencies to come up with
mitigation steps aimed at preventing and dealing with cyber
security threats. The bodies share data that they have
individually gathered, and by putting it together they are able to
come up with a clearer picture of how security attacks are
manifested and how they can better detect these
security threats.
The U.S. Computer Emergency Response Team follows the best
guidelines when it comes to cyber crime response and
emergency response preparedness. It uses the best approach
when it comes to collecting data relating to security threats by
getting it from actual security occurrences. The feedback from
the general public is also a rich source of information in matters
concerning cyber security. By collaborating with other security
agencies it stands in a better position to combat
security threats and possible attacks more effectively.
The body’s initiative to inform and educate the general public
on issues relating to data security and cyber attacks is a crucial
tool in enabling successful prevention of cyber attacks. When
the public is aware of the threat that they face in data security,
they are able to contribute to safeguarding themselves against
such malicious security threats.
Stuxnet was a piece of computer malware that was first noted in
July 2010. It exploited a zero-day vulnerability and attacked
Windows PCs and also other industrial software and equipment
(Techopedia, 2018). It is believed that the worm spread through
flash drives that were infected with the malware.
The worm was very sophisticated and is believed to have been
made by a group of very talented professionals, probably
working for government(s). It exploited a total of four
unpatched vulnerabilities in Windows PCs at the time of
discovery.
The industrial control systems computer emergency readiness
team (ICS-CERT) was in charge of the mitigation process for
the Stuxnet malware. It employed a number of steps in a bid to
control the malware, which was proving to be highly
infectious, having infected thousands of computers around the
world.
One of the many steps that the U.S. body has taken is to effect
the application of patches on host systems. As seen earlier, the
Stuxnet worm targeted Windows PCs and used a total of four
zero-day vulnerabilities to make its infection possible. The
first step was therefore to address these unpatched
vulnerabilities in the Windows machines so as to prevent further
infection by the malware. Organizations affected by the
malware and running WinCC or STEP 7 software should follow
Siemens' recommendations for applying the Windows update.
The malware also exploits a vulnerability addressed in
the MS08-067 patch, though it is not clear how this is used. The
ICS-CERT urges control system administrators and operators to
review system upgrades and also to apply the patch if it has not
been applied previously. Administrators are further urged to
consult their control system vendors prior to making any
system changes.
USB drives being the main channels of the infection, the
ICS-CERT recommends that best practices are used when dealing
with these flash drives. This is because attackers use the
convenience and wide usage of these thumb drives to enable
propagation of the malware. Companies are asked to review
their policies further to close any loopholes that might lead to
infection by malware such as the Stuxnet worm.
By having strong policies on the usage of such media it is
hoped that the transfer of malware from an infected computer to
another one can be controlled and therefore stopped. Hence it is
important for companies to enact such policies.
The ICS-CERT outlines a due process to be followed in the
event that a system becomes infected by the Stuxnet malware.
This, though, depends on the type of system that has been
infected. A system that does not run or use Siemens products
will have a relatively easier time handling the malware
compared to a system that uses products from Siemens.
System administrators are again advised to exercise great
discretion and caution before making any major system changes
or using anti-virus products.
If a system is running Siemens WinCC or STEP 7 software and is
identified as having been infected by the Stuxnet malware, then
Siemens customer care support and also ICS-CERT should be
contacted. Additionally, Siemens advises that a Microsoft patch
should be applied, which runs the SysClean tool, and that the host
system should then also install the SIMATIC security update.
Although usage of the SysClean tool does appear to prevent the
worm from infecting new flash drives, it does not fully remove
all files related to the malware. This is mainly attributed to the
complexity of the malware.
Due to this, the ICS-CERT recommends that affected companies
work closely with it so as to determine whether a total rebuild
of systems is necessary. This rebuild can be effected through
manual or automated means.
The ICS-CERT also offers support to companies seeking further
guidelines on how to deal with the Stuxnet threat or those that
may require further analysis of the effects of the malware on
their systems.
It is also worth noting that systems that do not run
Siemens products will have an easier time dealing with the
malware, as it is inert and almost completely harmless in such
systems.
Alternate sites are not completely ideal for companies that run
on industrial control system technologies. This is because
these systems directly control critical infrastructure such as
power, transport, gas and water. As such, any interruption to
such a system is really dangerous and high risk, as it could mean
total sabotage, failure or shutdown of the main processes or
even the entire industry.
Many companies, for instance, continue working with
the original systems even after a malware infection has been
detected. To them it is better to deal with the malware problem
as they go on running normal industry processes, as it is less
risky that way.
Various other challenges also prevent a shift to a hot site. For
example, many industries running on industrial control
systems only allow 5 minutes of downtime a year, which makes
it extremely difficult to even carry out a forensic study or
analysis in a bid to identify malware infection or other
security breaches.
The fact that these systems also run on small processors makes
it even more difficult, since they would not be able to run basic
antivirus software. Small processors have very limited
computing capabilities and might just not be able to handle the
antivirus software that could have been applied on the systems.
Additionally, it is hard to apply changes to ICS systems since
they were developed during the pre-internet era and do not
allow for connectivity; hence it is difficult to apply any updates
to them, as there would be no means of authenticating commands
given.
The challenge here is that these systems only communicate
point to point. The option of doing a complete replacement of
such systems is also not feasible, since these are legacy systems
that have been in operation for 15 to 30 years or more.
Companies with such systems are also quite reluctant to
overhaul them due to the fact that these systems have
been operating error free for long periods of time. Even if an
overhaul was possible, it would be extremely expensive for such
industries.
The fact that these systems have to adopt a connectivity plan has
made some of them purchase off-the-shelf software products, for
example operating systems like Windows and Linux. This
increases the security threat that such systems face.
This is due to the fact that it is quite possible to infect systems
that are interconnected in a network, as there would be an actual
channel through which the malware would be transmitted.
Companies running on industrial control systems are thus
required to exercise complete discretion when it comes to
handling the operations of their systems. It would mean havoc if
the systems were infected by hazardous malware, for instance,
because dealing with malware on such systems is a daunting
task.
The fact that it is also quite difficult to shift such systems to
alternative sites makes it even more imperative to
safeguard the original systems from malware attacks.
Of importance, though, is the need to engage in more discussions
involving the security of legacy systems and even newer
systems that utilize industrial control system technologies.
This would put many industries in a position where they
would be able to easily deal with and control any form of
malware attack that poses a danger to their systems.
The need becomes even more glaring with the onset of more
frequent attacks on such systems. The mere fact that
replacement of such systems or even shifting them is impossible
should make security researchers pay more attention to this
field so as to come up with proper mitigation steps that will
assist industries to easily secure their systems and prevent
losses that would arise.
A lot of planning has to go into securing industrial control
systems in order to safeguard them from possible attacks, which
can be quite fatal. Below are some of the necessary steps that
could be taken to ensure that these systems are well protected
from such attacks.
The first step would be to secure the networks. A well-secured
network entails having a good network design and well-defined
boundaries. Additionally, the networks should be segmented by
implementing the ISA/IEC 62443 standard. The wireless
applications should also be secured, and secure remote access
solutions should be deployed. The
firms should then conduct regular inspection and monitoring of
their industrial network infrastructure equipment.
Another important step would be to secure all endpoints.
Having firewalls, using proprietary software, imposing
protocols and even air gaps is not enough. All these are
bypassed when employees, contractors or anyone else brings
their laptop, flash drives or other equipment into the corporate
network.
These devices can compromise the security measures that have
been put in place by providing loopholes for security breaches.
It should therefore be the policy in all firms that personal
equipment like laptops or thumb drives should not be connected
to the corporate network.
Organizations are urged to carry out asset discovery. This will
help them map out and come up with an inventory of all
the endpoints available. Once this is done, the necessary
configurations should be applied to these endpoints to make
them secure from attacks. Constant monitoring of these
endpoints should then be done to ensure that they are protected
and in the correct state at all times. This will enable the firm
to detect any unauthorized changes that might be made to these
points and act accordingly before the newly created weak point
is exploited by an intruder.
An important activity that industrial control system operators
carry out to prevent attacks is securing the industrial
controllers. These are computers that bridge the gap between
programming instructions and commands given to the system and
the actual components that interact with the physical world.
These include sensors for temperature and pressure, calibration
devices, valves, etc.
A successful intrusion into such computers would deal a serious
blow to a firm. This is because a malicious actor would be able
to wreak havoc if they were to actually get control of these
systems. As such, it becomes extremely important to secure
these points (Authier, 2018).
Organizations should implement security features on vulnerable
controllers and monitor the rest for any changes that could spell a
security threat.
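
One way to implement the inventory-and-monitor steps described above for endpoints and controllers, as an added example that is not part of the original essay: a known-good discovery pass is stored as per-setting digests, and a later pass is compared against it to flag unknown devices, missing devices and changed settings. All names, asset IDs and scan values are hypothetical and constructed for illustration; how the scan data is collected is assumed to be handled elsewhere.

```python
import hashlib
import json
from dataclasses import dataclass, field


@dataclass
class Endpoint:
    """One device seen during an asset-discovery pass (hypothetical schema)."""
    asset_id: str
    kind: str                      # "workstation" or "controller"
    firmware: str
    settings: dict = field(default_factory=dict)  # setting or logic block -> value


def _digest(value):
    # Canonical JSON so the same value always produces the same SHA-256 digest.
    canonical = json.dumps(value, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def build_baseline(endpoints):
    """Record per-endpoint, per-setting digests from a known-good discovery pass."""
    baseline = {}
    for ep in endpoints:
        if ep.asset_id in baseline:
            raise ValueError(f"duplicate asset id: {ep.asset_id}")
        baseline[ep.asset_id] = {
            "kind": ep.kind,
            "firmware": ep.firmware,
            "settings": {name: _digest(val) for name, val in ep.settings.items()},
        }
    return baseline


def detect_drift(baseline, observed):
    """Compare a later pass with the baseline; return (severity, asset, message)."""
    findings = []
    seen = set()
    for ep in observed:
        seen.add(ep.asset_id)
        known = baseline.get(ep.asset_id)
        if known is None:
            # A device that was never inventoried, e.g. a personal laptop.
            findings.append(("high", ep.asset_id, "unknown endpoint on network"))
            continue
        # Any change on a controller is treated as the most urgent case.
        severity = "critical" if known["kind"] == "controller" else "medium"
        if ep.firmware != known["firmware"]:
            findings.append(
                (severity, ep.asset_id,
                 f"firmware {known['firmware']} -> {ep.firmware}"))
        current = {name: _digest(val) for name, val in ep.settings.items()}
        for name in sorted(set(current) | set(known["settings"])):
            if name not in known["settings"]:
                findings.append((severity, ep.asset_id, f"setting added: {name}"))
            elif name not in current:
                findings.append((severity, ep.asset_id, f"setting removed: {name}"))
            elif current[name] != known["settings"][name]:
                findings.append((severity, ep.asset_id, f"setting changed: {name}"))
    for asset_id in sorted(set(baseline) - seen):
        findings.append(("medium", asset_id, "baselined endpoint not observed"))
    order = {"critical": 0, "high": 1, "medium": 2}
    return sorted(findings, key=lambda f: (order[f[0]], f[1], f[2]))


# Constructed sample data: a known-good pass and a later pass with drift.
BASELINE_SCAN = [
    Endpoint("eng-ws-01", "workstation", "build-1",
             {"usb_storage": "disabled", "autorun": "disabled"}),
    Endpoint("plc-07", "controller", "fw-2.1",
             {"block:main": "a1b2", "block:valve_ctl": "c3d4"}),
    Endpoint("hist-01", "workstation", "build-1", {"usb_storage": "disabled"}),
]
LATER_SCAN = [
    Endpoint("eng-ws-01", "workstation", "build-1",
             {"usb_storage": "enabled", "autorun": "disabled"}),
    Endpoint("plc-07", "controller", "fw-2.1",
             {"block:main": "a1b2", "block:valve_ctl": "ffff",
              "block:extra": "0000"}),
    Endpoint("laptop-x", "workstation", "unknown", {}),
]

if __name__ == "__main__":
    for severity, asset, message in detect_drift(
            build_baseline(BASELINE_SCAN), LATER_SCAN):
        print(f"[{severity}] {asset}: {message}")
```

Storing digests rather than raw values lets the baseline be kept and compared without holding a copy of controller logic or sensitive settings.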
It is important for control system operators to review their
password policies from time to time to make them secure and hack
proof. Weak passwords could be a loophole for malware to gain
control of critical system components.
The hardware and software elements of many ICS systems are also
outdated, something that has to be looked into if the security of
such systems is to be guaranteed.
Traditional penetration testing should be conducted on such
systems by simulating real attacks so that any loophole that has
not been addressed can be discovered and patched or rectified.
The approach of using a red team can be considered as one of
these procedures in order to increase the effectiveness of such
tests in establishing the weak points in a system.
Even for air-gapped systems, it is still crucial to conduct such
tests since it is very possible for attacks to be carried out on
such systems, say using infected flash drives for example.
The steps above, if followed correctly, can to a very large extent
protect industrial control systems from cyber
attacks that can damage or interfere with them.
References
Techopedia. (2018). Stuxnet. Retrieved from
https://www.techopedia.com/definition/15812/stuxnet
Ferran, L. (2012, June 29). When Stuxnet Hit the Homeland:
Government Response to the Rescue. Retrieved from
http://abcnews.go.com/News/when-stuxnet-hit-the-homeland-government-response-to-the-rescue/blogEntry?id=16680284
ICS-CERT. (2010, September 15). Stuxnet Malware Mitigation
(Update B). Retrieved from
https://ics-cert.us-cert.gov/advisories/ICSA-10-238-01B
Rouse, M. (2018). Hot and cold site. Retrieved from
https://searchcio.techtarget.com/definition/hot-site-and-cold-site
Ashford, W. (2014, October 15). Industrial control systems:
What are the security challenges? Retrieved from
https://www.computerweekly.com/news/2240232680/Industrial-control-systems-What-are-the-security-challenges
Brasso, B. (2016, May 26). Taking Steps to Prevent Critical
Infrastructure Cyber Attacks. Retrieved from
https://www.fireeye.com/blog/executive-perspective/2016/05/taking_steps_to_prev.html
Authier, G. (2018, February 4). A Solid Approach to Protect
your ICS Systems: Simple as 1-2-3. Retrieved from
https://www.tripwire.com/state-of-security/ics-security/3-simple-steps-securing-ics-systems-digital-threats/

 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfSumit Tiwari
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course  for BeginnersFull Stack Web Development Course  for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceSamikshaHamane
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 

Recently uploaded (20)

DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Pharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdfPharmacognosy Flower 3. Compositae 2023.pdf
Pharmacognosy Flower 3. Compositae 2023.pdf
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri  Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdfEnzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
Enzyme, Pharmaceutical Aids, Miscellaneous Last Part of Chapter no 5th.pdf
 
ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)ESSENTIAL of (CS/IT/IS) class 06 (database)
ESSENTIAL of (CS/IT/IS) class 06 (database)
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course  for BeginnersFull Stack Web Development Course  for Beginners
Full Stack Web Development Course for Beginners
 
Roles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in PharmacovigilanceRoles & Responsibilities in Pharmacovigilance
Roles & Responsibilities in Pharmacovigilance
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 

Stuxnet and U.S Incidence ResponseStudent NameProfessor Na.docx

  • 1. Stuxnet and U.S Incidence Response Student Name Professor Name Institution Date The U.S Computer Emergency Readiness Team is a body mandated to protect the country’s internet infrastructure and to ensure the general welfare of all public entities on the internet. It devises methods to respond clearly to cyber security attacks that might pose a threat to the nation. It works alongside the Department of Homeland Security and multiple other private and public companies in accomplishing this task (Techopedia, 2018). The U.S CERT engages in a number of activities in order to make the internet a safe place for the entire nation. For instance, it devises means for the public to report any suspected cyber threat or attack to the body so that appropriate action can be taken. It also engages in educational ventures with the aim of making the public and industries aware of data security and threats. The body also has the role of making the general public aware of looming cyber security strikes and attacks. It gathers information from various sources, and analysis of this information helps it point out possible security threats that various bodies are facing or are at risk of. By so doing it is able to prevent losses that could have come about as a result of such attacks (ICS-CERT, 2015). The emergency response team also takes part in coordinating the recovery activities in emergency situations in conjunction
  • 2. with other firms. These activities are aimed at reducing the impact of a cyber attack and at restoring any data or operations that might have been brought down as a result of the attack. The team also analyses the data gathered from security threats in order to learn more about the nature of attacks and to prevent future attacks from happening. Additionally, it evaluates malware applications in order to better know which systems are at risk of attack and how these attacks can be detected in a system (Ferran, 2012). The response team also has the role of working hand in hand with other security agencies to come up with mitigation steps aimed at preventing and dealing with cyber security threats. The bodies share the data that they have individually gathered, and by putting it together they get a clearer picture of how security attacks manifest and how these threats can be better detected. The U.S Computer Emergency Response Team follows the best guidelines when it comes to cyber crime response and emergency response preparedness. It uses the best approach when it comes to collecting data on security threats, by getting it from actual security occurrences. Feedback from the general public is also a rich source of information in matters concerning cyber security. By collaborating with other security agencies, the team is in a better position to combat security threats and possible attacks effectively. The body’s initiative to inform and educate the general public on issues relating to data security and cyber attacks is a crucial tool in enabling successful prevention of cyber attacks. When the public is aware of the threats that they face in data security, they are able to contribute to safeguarding themselves against such malicious security threats. Stuxnet was a computer malware that was first noted in July 2010. It exploited a zero-day vulnerability and attacked
  • 3. Windows PCs and also other industrial software and equipment (Techopedia, 2018). It is believed that the worm spread through flash drives that were infected with the malware. The worm was so sophisticated that it is believed to have been made by a group of very talented professionals, probably working for government(s). It exploited a total of four unpatched vulnerabilities in Windows PCs at the time of discovery. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) was in charge of the mitigation process for the Stuxnet malware. It employed a number of steps in a bid to control the malware, which was proving to be highly infectious, having infected thousands of computers around the world. One of the many steps that the U.S body has taken is to have patches applied on host systems. As seen earlier, the Stuxnet worm targeted Windows PCs and used a total of four zero-day vulnerabilities to make its infection possible. The first step was therefore to address these unpatched vulnerabilities in the Windows machines so as to prevent further infection by the malware. Organizations affected by the malware and running WinCC or STEP 7 software should follow Siemens’ recommendations for applying the Windows update. The malware also exploits a vulnerability addressed in the MS08-067c patch, though it is not clear how this is used. The ICS-CERT urges control system administrators and operators to review system upgrades and to apply the patch if it has not been applied previously. Administrators are further urged to consult their control systems vendors prior to making any system changes. USB drives being the main channel of infection, the ICS-CERT recommends that best practices are used when dealing with these flash drives. This is because attackers use the convenience and wide usage of these thumb drives to propagate the malware. Companies are asked to review their policies further to prevent any loopholes that might lead to
  • 4. infection by a malware such as the Stuxnet worm. By having strong policies on the usage of such media, it is hoped that the transfer of malware from an infected computer to another one can be controlled and therefore stopped. Hence it is important for companies to enact such policies. The ICS-CERT outlines a process to be followed in the event that a system becomes infected by the Stuxnet malware. This, though, depends on the type of system that has been infected. A system that does not run or use Siemens products will have a relatively easier time handling the malware than a system that uses products from Siemens. System administrators are again advised to exercise discretion and caution before making any major system changes or using anti-virus products. If a system is running Siemens WinCC or STEP 7 software and is identified as having been infected by the Stuxnet malware, then Siemens customer care support and also ICS-CERT should be contacted. Additionally, Siemens advises that a Microsoft patch should be applied, which runs the SysClean tool, and then the host system should also install the SIMATIC security update. Although usage of the SysClean tool does appear to prevent the worm from infecting new flash drives, it does not fully remove all files related to the malware. This is mainly attributed to the complexity of the malware. Due to this, the ICS-CERT recommends that affected companies work closely with it so as to determine whether a total rebuild of systems is necessary. This rebuild can be effected through manual or automated means. The ICS-CERT also offers support to companies seeking further guidelines on how to deal with the Stuxnet threat or those that may require further analysis of the effects of the malware on their systems. It is also worth noting that systems that do not run Siemens products will have an easier time dealing with the malware, as it is inert and almost completely harmless in such systems.
  • 5. Alternate sites are not completely ideal for companies that run on industrial control system technologies. This is because these systems directly control critical infrastructure such as power, transport, gas and water. As such, any interruption to such a system is dangerous and high risk, as it could mean total sabotage, failure or shutdown of the main processes or even the entire industry. Many companies, for instance, continue working with the original systems even after a malware infection has been detected. To them it is better to deal with the malware problem while they go on running normal industry processes, as it is less risky that way. Various other challenges also prevent a shift to a hot site. For example, many industries running on industrial control systems only allow 5 minutes of downtime a year, which makes it extremely difficult even to carry out a forensic study or analysis to identify malware infection or other security breaches. The fact that these systems also run on small processors makes it even more difficult, since they would not be able to run basic antivirus software. Small processors have very limited computing capabilities and might not be able to handle the antivirus software that could have been applied on the systems. Additionally, it is hard to apply changes to ICS systems since they were developed during the pre-internet era and do not allow for connectivity; hence it is difficult to apply any updates to them, as there would be no means of authenticating the commands given. The challenge here is that these systems only communicate point to point. The option of completely replacing such systems is also not feasible, since these are legacy systems that have been in operation for 15 to 30 years or more. Companies with such systems are also quite reluctant to overhaul them because they have been operating error free for long periods of time. Even if an overhaul was possible it would be extremely expensive for such
  • 6. industries. The fact that these systems have to adopt a connectivity plan has made some of them purchase off-the-shelf software products, for example operating systems like Windows and Linux. This increases the security threat facing such systems. This is because systems that are interconnected in a network can be infected, as there is an actual channel through which the malware can be transmitted. Companies running on industrial control systems are thus required to exercise complete discretion when it comes to handling the operations of their systems. It would mean havoc if the systems were infected by a hazardous malware, for instance, because dealing with malware on such systems is a daunting task. The fact that it is also quite difficult to shift such systems to alternative sites makes it even more imperative to safeguard the original systems from malware attacks. Of importance, though, is the need for more discussion of the security of legacy systems and even newer systems that utilize industrial control system technologies. This would put many industries in a position where they are able to deal with and control any form of malware attack that poses a danger to their systems. The need becomes even more glaring with the onset of more frequent attacks on such systems. The mere fact that replacing or even shifting such systems is impossible should make security researchers pay more attention to this field, so as to come up with proper mitigation steps that will help industries secure their systems and prevent the losses that would arise. A lot of planning has to go into securing industrial control systems in order to safeguard them from possible attacks, which can be quite fatal. Below are some of the necessary steps that could be taken to ensure that these systems are well protected from such attacks. The first step would be to secure the networks. A well secured
  • 7. network entails having a good network design and well-defined boundaries. Additionally, the networks should be segmented by implementing the ISA/IEC 62443 standard. Wireless applications should also be secured, and secure remote access solutions should be deployed. Firms should then conduct regular inspection and monitoring of their industrial network infrastructure equipment. Another important step would be to secure all endpoints. Having firewalls, using proprietary software, imposing protocols and even air gaps is not enough. All these are bypassed when employees, contractors or anyone else bring their laptops, flash drives or other equipment into the corporate network. These devices can compromise the security measures that have been put in place by providing loopholes for security breaches. It should therefore be the policy in all firms that personal equipment like laptops or thumb drives should not be connected to the corporate network. Organizations are urged to carry out asset discovery. This will help them map out and come up with an inventory of all the endpoints available. Once this is done, the necessary configurations should be applied to these endpoints to make them secure from attacks. These endpoints should then be monitored constantly to ensure that they are protected and in the correct state at all times. This will enable the firm to detect any unauthorized changes made to these points and act accordingly before the newly created weak point is exploited by an intruder. An important activity in preventing attacks on industrial control systems is securing the industrial controllers. These are computers that bridge the gap between the programming instructions and commands given to the system and the actual components that interact with the physical world. These include sensors for temperature and pressure, calibration devices, valves etc. A successful intrusion into such computers would deal a serious
  • 8. blow to a firm. This is because a malicious actor would be able to wreak havoc if they were to get control of these systems. As such it becomes extremely important to secure these points (Authier, 2018). Organizations should implement security features on vulnerable controllers and monitor the rest for any changes that could spell a security threat. It is important for operators of control systems to review their password policies from time to time to make them secure and hack proof. Weak passwords could be a loophole for malware to gain control of critical system components. The hardware and software of many ICS systems is also outdated, something that has to be looked into if the security of such systems is to be guaranteed. Traditional penetration testing should be conducted on such systems by simulating real attacks, so that any loophole that has not been addressed can be discovered and patched or rectified. A red team can be used as one of these procedures in order to increase the effectiveness of such tests in establishing the weak points in a system. Even for air-gapped systems it is still crucial to conduct such tests, since it is very possible for attacks to be carried out on such systems, for example using infected flash drives. The steps above, if followed correctly, can to a very large extent protect industrial control systems from cyber attacks that can damage or interfere with them. References Techopedia. (2018). Stuxnet. Retrieved from https://www.techopedia.com/definition/15812/stuxnet Ferran, L. (2012, June 29). When Stuxnet Hit the Homeland: Government Response to the Rescue. Retrieved from http://abcnews.go.com/News/when-stuxnet-hit-the-homeland-government-response-to-the-rescue/blogEntry?id=16680284 ICS-CERT. (2010, September 15). Stuxnet Malware Mitigation
  • 9. (Update B). Retrieved from https://ics-cert.us-cert.gov/advisories/ICSA-10-238-01B Rouse, M. (2018). Hot and cold site. Retrieved from https://searchcio.techtarget.com/definition/hot-site-and-cold-site Ashford, W. (2014, October 15). Industrial control systems: What are the security challenges? Retrieved from https://www.computerweekly.com/news/2240232680/Industrial-control-systems-What-are-the-security-challenges Brasso, B. (2016, May 26). Taking Steps to Prevent Critical Infrastructure Cyber Attacks. Retrieved from https://www.fireeye.com/blog/executive-perspective/2016/05/taking_steps_to_prev.html Authier, G. (2018, February 4). A Solid Approach to Protect your ICS Systems: Simple as 1-2-3. Retrieved from https://www.tripwire.com/state-of-security/ics-security/3-simple-steps-securing-ics-systems-digital-threats/
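
The asset discovery, endpoint configuration and constant monitoring steps described in slides 7 and 8 above can be sketched as a baseline comparison; this is an added example, not part of the original document. The asset names, roles and configuration keys are constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass

_ABSENT = object()  # distinguishes "key not present" from a stored None


def fingerprint(config: dict) -> str:
    """SHA-256 over a canonical JSON encoding, so key order does not matter."""
    canonical = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class Finding:
    asset_id: str
    role: str
    kind: str    # CONFIG_CHANGED | MISSING_ENDPOINT | UNKNOWN_ENDPOINT
    detail: str


def build_baseline(assets: dict) -> dict:
    """Turn asset-discovery output into an inventory with one fingerprint per endpoint."""
    return {
        asset_id: {"role": a["role"], "config": dict(a["config"]),
                   "fingerprint": fingerprint(a["config"])}
        for asset_id, a in assets.items()
    }


def compare(baseline: dict, observed: dict) -> list:
    """Report endpoints that are new, gone, or no longer in their approved state."""
    findings = []
    for asset_id, seen in observed.items():
        known = baseline.get(asset_id)
        if known is None:
            findings.append(Finding(asset_id, seen["role"], "UNKNOWN_ENDPOINT",
                                    "not in the approved inventory"))
        elif fingerprint(seen["config"]) != known["fingerprint"]:
            old, new = known["config"], seen["config"]
            changed = sorted(k for k in set(old) | set(new)
                             if old.get(k, _ABSENT) != new.get(k, _ABSENT))
            findings.append(Finding(asset_id, known["role"], "CONFIG_CHANGED",
                                    "changed keys: " + ", ".join(changed)))
    for asset_id, known in baseline.items():
        if asset_id not in observed:
            findings.append(Finding(asset_id, known["role"], "MISSING_ENDPOINT",
                                    "in inventory but not seen in this scan"))
    # Controllers act on the physical process, so their findings are listed first.
    return sorted(findings, key=lambda f: (f.role != "controller", f.asset_id))


# Constructed sample data: the approved state recorded after asset discovery.
APPROVED_ASSETS = {
    "plc-01": {"role": "controller",
               "config": {"firmware": "fw-A", "logic_digest": "digest-1", "remote_write": False}},
    "hmi-01": {"role": "hmi",
               "config": {"patch_level": "2024-03", "usb_storage": "disabled"}},
    "eng-ws-01": {"role": "workstation",
                  "config": {"patch_level": "2024-03", "usb_storage": "disabled"}},
}

# Constructed sample data: a later scan with changed controller logic, an
# unlisted laptop on the network, and an engineering workstation that is absent.
OBSERVED_SCAN = {
    "plc-01": {"role": "controller",
               "config": {"firmware": "fw-A", "logic_digest": "digest-2", "remote_write": False}},
    "hmi-01": {"role": "hmi",
               "config": {"usb_storage": "disabled", "patch_level": "2024-03"}},
    "laptop-7f": {"role": "workstation", "config": {"patch_level": "unknown"}},
}

if __name__ == "__main__":
    for f in compare(build_baseline(APPROVED_ASSETS), OBSERVED_SCAN):
        print(f"{f.kind:17} {f.asset_id:10} ({f.role}) {f.detail}")
```

A real deployment would populate the observed scan from passive network monitoring or vendor tooling, since active scanning can disturb fragile controllers.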