For this discussion, find a recent news story that details a breach in information security. The breach could have occurred in a government organization or in a private company. Give a high-level summary to provide context to your peers (including a link to the article), then, in your posting, include the following:
What kinds of policies would have helped to prevent this breach?
Why would the policies you suggest help the organization?
What can the organization do differently (in regards to information security) to prevent this type of breach in the future?
Also discuss how the current event relates to one of the following concepts of information assurance: confidentiality, integrity, availability, authentication, and/or nonrepudiation.
Respond to two of your peers’ posts to add to their discussions about the current event by commenting on how the news story relates to another concept of information assurance not mentioned in the original post (confidentiality, integrity, availability, authentication, or nonrepudiation).
Refer to the Discussion Rubric for directions on completing these discussions.
According to a study by McAfee, MyDoom is a spam-mailing malware that caused the largest economic damage of all time; its estimated damage is about $38 billion. Alarmingly, a report by security company AV-Test says that the total number of malware has doubled over the past four years.
To detect ordinary malware, the longest common content in it is found and deployed into a security system as the malware signature. The next time an attacker sends the same malware in a packet, the security system checks the packets for known signatures; if any are found, those packets are dropped immediately. To evade this type of detection system, attackers employ various techniques to ensure that no trace of the longest common content can be fingerprinted and used as a signature. One successful evasion technique is deploying polymorphic malware into a victim’s system. Malware that takes a different form after every infection is called polymorphic malware. Because the form changes after every infection, the signature initially found by a security system will have changed, and a security system that searches for the same signature will fail. For this reason, attackers frequently use polymorphic malware to intrude into vulnerable systems.
To thwart this type of malware, it is important to understand its structure. A typical polymorphic malware contains an encrypted payload and a decryption routine. The encrypted payload holds the malicious instructions in encrypted form and usually looks like junk data. It is usually appended to a decryption module. Once this type of malware is executed on the victim’s system, control is given to the decryptor, which decrypts the encrypted payload. The decrypted payload contains the malicious instructions, which are finally executed to compromise the vulnerable system.
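The signature workflow and the payload structure described above, as an added Python example that is not part of the original text: it derives a signature as the longest common content of two captures, then shows that instances re-encoded under different keys no longer match it. All byte strings are constructed, inert placeholders; the one-byte XOR re-encoding and the constant `STUB` are simplifying assumptions standing in for the encryption and the decryption routine.

```python
from difflib import SequenceMatcher


def longest_common_content(a: bytes, b: bytes) -> bytes:
    """Longest run of bytes present in both captures (the candidate signature)."""
    m = SequenceMatcher(None, a, b, autojunk=False).find_longest_match(
        0, len(a), 0, len(b))
    return a[m.a:m.a + m.size]


def scan(packet: bytes, signatures: list[bytes]) -> bool:
    """True when the packet contains a known signature and would be dropped."""
    return any(sig in packet for sig in signatures)


def encoded_instance(body: bytes, key: int) -> bytes:
    """Model of one infection: the stub followed by the body under a new key."""
    return STUB + bytes(b ^ key for b in body)


# Constructed, inert placeholder bytes: no real malware content.
BODY = b"INERT-SAMPLE-BODY-0123456789"
STUB = b"<stub>"  # stands in for the decryption routine; constant by assumption

# Two captures of the same unencoded sample inside different surrounding bytes.
capture_1 = b"\x10\x22abc" + BODY + b"tail-one"
capture_2 = b"zz\x99" + BODY + b"other-end"
SIGNATURE = longest_common_content(capture_1, capture_2)

# Two instances of the same body, each encoded under a different key.
variant_1 = encoded_instance(BODY, 0x41)
variant_2 = encoded_instance(BODY, 0x5A)

# What the two variants still share: only the part that did not change.
RESIDUAL = longest_common_content(variant_1, variant_2)

if __name__ == "__main__":
    print("signature:", SIGNATURE)
    print("captures flagged:", scan(capture_1, [SIGNATURE]),
          scan(capture_2, [SIGNATURE]))
    print("variants flagged:", scan(variant_1, [SIGNATURE]),
          scan(variant_2, [SIGNATURE]))
    print("residual common content:", RESIDUAL)
```

The only content the two variants still share is the unchanged stub, so a content signature for such samples can only be taken from whatever part does not change between infections.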
Apart from encryption, there are many other techniques for deploying polymorphism. A few of them are:
• Garbage-code insertion is a technique where garbage instructions are inserted into a malware after every infection. For example, a lot of nop instructions can be inserted after every infection, which makes it difficult for a security system to compare two instances of the same malware.
• Instruction substitution employs polymorphism by replacing a piece of code with an equivalent but different one.
• Code transposition exhibits polymorphism by changing the execution order using jumps.
• Register reassignment deploys polymorphism into a malware payload by simple reassignment of registers.