Intentional cybersecurity attack on the water utility’s SCADA system

This defense in depth discussion scenario is an intentional cybersecurity attack on the water utility’s SCADA system. It occurs during the fall after a dry summer in Fringe City. The water utility’s Information Technology (IT) person did not receive an expected pay raise and decides to reprogram the SCADA system to shut off the high-lift pumps. The operator’s familiarity with the SCADA system allows him to reprogram the alarms that typically notify operators of a high-lift pump failure. In addition, he prevents access to the SCADA system by others. A wildfire breaks out on the outskirts of the city. Please identify what type(s) of new countermeasures should have been implemented to prevent this cyber attack from occurring.
 
Note:
1. Proper citation(Last name, Year).
2. You must cite or quote every sentence that comes from another source with a properly APA formatted citation, all of the authors last name and year.

Cookies, Privacy and Cyber Security

Cookies, Privacy, and Cyber Security
For this project, you will research, prepare, and write a blog about “Cookies, privacy and Cyber security”.
This should be a technical blog about 2 pages long (not including the references);
It should thoroughly examine and analyze the topic;
Your writing should show complete understanding of the topic and the material (that you have found from other sources) and NOT repeat (or copy) of what was read without your own analysis or elaboration;
It should include relevant examples (search the web, not your anecdotal ones).
This is NOT a newspaper article or history paper and should not be written as such, even if the topic is appropriate, it is a technical topic. It should give credit to the sources and be mindful of copyright and plagiarism.
AND refer to the sources in the blog. I do not require any specific format for this; just make sure credit is given (10)

Businesses Security Policies and Implementation Issues in relation to Cyber Security

Topic: Businesses Security Policies and Implementation Issues in relation to Cyber Security.
RESEARCH PAPER: TOPIC PROPOSAL AND OUTLINE INSTRUCTIONS
The easiest approach for selecting a topic for your paper might be to review the various subject areas covered in the course readings (i.e., search the bibliographies of the textbooks). Although the chosen topic must relate directly to the general subject area of this course, you are not limited to the concepts, techniques, and technologies specifically covered in this course.
Each Topic Outline must include the following 3 items:
1. A brief (at least 3–4 bullets with 1–2 sentences per bullet) overview of the research topics of your paper – you will need to address these in the actual paper. This will be titled “Research Objectives”.
2. A list of at least 3 questions (in a numbered list) you intend your research to ask and hopefully answer. These must be questions that will require you to draw conclusions from your research. These must not be questions to answer your research objectives. This section will be titled “Questions”
3. At least 3 initial research sources, 1 of which is an academic journal or other peer reviewed source. These should match APA formatting of sources.
Example formats for Topic Outlines (an example, not a template):
Research Objectives
• Briefly describe the overall concept of system integration.
• Discuss the traditional approach of big-bang integration including the major advantages and disadvantages of this approach.
• Discuss the traditional approaches of top-down and bottom-up integration and their major advantages and disadvantages.
• Discuss the traditional approach of mixed integration, combining the desirable advantages from the top-down and bottom-up integration approaches.
Questions
1. Why is system integration an important step in the software development process?
2. Why has big-bang integration not survived as a useful testing method?
3. Why have top-down and bottom-up integration not been replaced by more modern methods?
4. Why would you use mixed integration all the time rather than sometimes using top-down and bottom-up integration exclusively?
References
1. Herath, T. , & Rao, H. (2012). Encouraging information security behaviors in the best organizations: Role of penalties, pressures, and potential effectiveness. Descision Support Systems, 47(2), 154-165.
2. Testing Computer Software, 2nd Edition, by Cem Kaner
3. Anderson, R. (2008). Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed.). Cambridge, MA: Wiley.
During your research, if any substantial changes to your objective(s) are necessary, or a topic change is required, communicate with your instructor via email.
The Policy Research Paper: Topic Proposal and Outline is due by 11:59 p.m. (ET) on Sunday of Module/Week 2.
The Technology Research Paper: Topic Proposal and Outline is due by 11:59 p.m. (ET) on Sunday of Module/Week 5.

Computer Crimes. Types of Computer Crimes. Cybercimes . Cyber Attacks

Computer Crimes. Types of Computer Crimes. Cybercimes . Cyber Attacks
You must be written in Microsoft Word in APA format (350 words per page).
The paper should be between 3500 to 5300 words excluding the title page content and the references page content.
The paper must be at least 10 pages double-spaced, 1″ margin all around, black 12 point font (Times New Roman or Arial) with correct citations of all utilized references/sources.
At a minimum include the following:
-Detailed description of the computer crimes
-Technology involved in the computer crimes
-Future trends in computer crimes
-Companies and forensics involved in detecting and solving computer crimes
-Regulatory issues surrounding the computer crimes
-Global implications for computer crimes
References (minimum of 10)

Cyber Security Assignment ( Speaking Cyber)

Exercise 1: Speaking Cyber
Mark: 25%
In 2016, a group of hackers known as the Hacking Team got hacked by a self-described black hat hacker. The
hacker subsequently dumped their findings and also explained how the hack happened. It was alleged that
“Hacking Team was a company that helped governments hack and spy on journalists, activists, political
opposition, and other threats to their power”. Read about ‘How Hacking Team got hacked’ and address the
following:
A. Briefly summarise what happened. Find out what you can on the actors, including the attacker and the
target(s), and possible motivations.
B. Identify and explain at least three cybersecurity terminologies from (A) above. Where the term was used,
define the term, describe in what context it was used, and give some details. E.g., if “attack vector” is
mentioned, then what is ‘attack vector’, what was the attack vector used and what did it achieve?
It is expected that you will use published materials like online articles, books, journals, conference papers,
news articles etc. and these should be properly referenced. You may want to start from here and here.
Note: You can use any format of your choice. For example, you may address (A) and (B) separately, in
separate sections, or together. So, whether you choose to cover both parts together or separately, the most
important thing is that the report shows your understanding of what happened, the actors, possible
motivations and terminology identification and explanation.

Cyber Security Assignment ( Auditing)

Exercise 2: Auditing
Mark: 30%
This is the second exercise that makes up the Portfolio of CO4610.
A. Briefly explain the use of Windows Registry and demonstrate how the registry can be analysed using
RegShot.
Your discussion should show understanding of regedit and the structure of the registry. For the
demonstration, you are required to do the following:
i. Install RegShot on a Windows machine. You are strongly advised to use a virtual machine (VM)
as you may not be able to undo any registry changes you make. You can use a university provided
VM or one on your personal PC.
ii. Take a snapshot of the system’s registry.
iii. Perform some system changes or install a new software. That is, carry out any activity that will
cause some registry entries.
iv. Take a second snapshot of the registry. This must be done after (iii) above.
v. Compare the two snapshots and briefly discuss your findings. Use screenshots to document this
exercise.
B. On a Linux VM, create a log file in /var/log with your J number (e.g., J12345.log) that collects all
security related logs. Set logrotate to rotate all logs, including the new log, every hour. Compress
the rotated new log and change its permission to 0700. Document and discuss the process you have
taken using some screenshots.
Note: This will require you to create a logrotate configuration file for the new log. Remember that
the options in this log-specific configuration file override the global configuration options which are
contained in logrotate.conf. Refer to the lecture note or read online to remind yourself the
directories where relevant .conf files are stored.
______________________________________________________

Cyber Security Assignment ( Security and Cryptography)

Exercise 4: Security and Cryptography
Mark: 20%
A. What is Frequency Analysis?
B. Using Frequency Analysis technique, cryptanalyse the following ciphertext:
“dfi du cei tpwr du rdnsafm pf ifqkwxcig oirrpmi, au cei npfmvpmi du cei xnpafcizc ar lfdtf, ar cd uafg p
gauuikifc xnpafcizc du cei rpoi npfmvpmi ndfm ifdvme cd uann dfi reiic dk rd, pfg ceif ti qdvfc cei
dqqvkkifqir du ipqe niccik. Ti fdci pfg qpnn cei odrc ukijvifcnw dqqvkkafm niccik cei ‘uakrc’, cei fizc odrc
dqqvkkafm niccik cei ‘riqdfg’ cei udnndtafm odrc dqqvkkafm niccik cei ‘ceakg’, pfg rd df, vfcan ti pqqdvfc
udk pnn cei gauuikifc niccikr af cei xnpafcizc rpoxni. Ceif ti nddl pc cei qaxeik cizc ti tpfc cd rdnsi pfg ti pnrd
qnprrauw acr rwohdnr. Ti uafg cei odrc dqqvkkafm rwohdn pfg qepfmi ac cd cei udko du cei ‘uakrc’ niccik
du cei xnpafcizc rpoxni, cei fizc odrc qdoodf rwohdn ar qepfmig cd cei udko du cei ‘riqdfg’ niccik, pfg cei
udnndtafm odrc qdoodf rwohdn ar qepfmig cd cei udko du cei ‘ceakg’ niccik, pfg rd df, vfcan ti pqqdvfc
udk pnn rwohdnr du cei qkwxcdmkpo ti tpfc cd rdnsi”
Note: You are required to show and explain all the steps taken to deduce the plaintext. Marking criteria
for this task will mainly focus on the steps taken (which needs to be explained) rather than getting the
plaintext correct. Deducing the correct plaintext counts for only 20% of this exercise (4 marks) while the
steps taken and the knowledge shown count for 80% (16 marks). So, using an online tool to crack the
ciphertext won’t be that helpful.
The ciphertext doesn’t count in the word count

Staffing in the Cyber Domain

The presentation was a success, and the CIO of the organization you chose, while pleased, has
another task for you. Because of the overwhelming support he gained from your presentation, he
is assigned with staffing a team to provide the intrusion detection software (IDS) solution.
Therefore, you will provide him with the following information to consider in his planning:
Create 1- to 1.5-page summary including the following:
The number of additional employees necessary to rollout and support an IDS desktop solution
An explanation as to how individuals work with the existing desktop support and malware teams
The job title for those who normally perform rollout and support functions for the IDS desktop
solution
An outline of the daily duties for the additional employees hired for rollout and support functions
for the IDS desktop solution
Part B:
Create an infographic using an infographic maker, such as Piktochart, Venngage, or Canva,
displaying an organization chart showing the following:
The job titles provided in your summary and how they fit in with the existing cybersecurity team
A list of the industry certifications the new IDS rollout-and-support-function employees should
have or can work toward
Include citations as necessary in APA format.

Presidential Executive Order Summary on Cybersecurity

Review the Presidential Executive Order on Strengthening the Cybersecurity of Federal
Networks and Critical Infrastructure (Trump, 2017) (Links to an external site.)
https://www.whitehouse.gov/presidential-actions/presidential-executive-order-strengtheningcybersecurity-federal-networks-critical-infrastructure/ .
Create an executive summary of the document and be sure to address the following:
Explain to whom the policy applies;
list the supporting documents to be used;
Assess the purpose of the NIST Framework in managing risk (levels),
Describe the process of documenting risk (including risk controls (i.e., acceptance, avoidance,
transference, mitigation) to be used according to the EO and considerations to inform the choice
of control;

Cyber Security Issues in Military and Government Sector

In a paper of between 1000 and 1800 words (4 to 6 pages), do the following
•Briefly describe your career field or a field of interest to you.
•Explain what drew you to this field- It would be a great honor to protect service members and
government employee’s valuable data and information from cyber-attacks.
•Examine the impact of past, current, and developing technology in your field, providing specific
examples.
•Discuss the importance of remaining current in technology and other developments in your field.
•Explore ways to get and remain current in your field as you move toward a degree and as you
are working in the field.
Your paper should do the following:
•Be sure to cover all of the topics listed in the first bulleted list that follows GUIDELINES above.
•Be sure to support all of your ideas effectively.
•Organize your paper so that it is clear and the ideas flow naturally.
•Be sure to document your paper consistently and thoroughly in the documentation style
preferred by your mentor.
•Write in a clear, concise way, fully explaining your ideas.
•Be sure that you use proper grammar, spelling, and punctuation