
Assignment 2 Questions Cybersecurity

The document discusses three cybersecurity projects: 1. Researching state laws on cyber stalking and writing a paper summarizing them. 2. Analyzing a recent DDoS attack against UK VoIP providers and explaining how it could have been defended against. 3. Writing a research paper on three types of cyber attacks that includes examples, prevention methods, and an evaluation of which is hardest to protect against.

Uploaded by

srikar

2.1
Project 3.1: Finding Out About Cyber Stalking and the Law
1. Using the Web or other resources, find out what your state’s, country’s, or province’s
laws are regarding cyber stalking.
2. Write a brief paper describing those laws and what they mean. You may select to do a
quick summary of several laws or a more in-depth examination of one law. If you choose the
former, then simply list the laws and write a brief paragraph explaining what they cover. If
you choose the latter option, then discuss the law’s authors, why it was written, and
possible ramifications of the law.

Project 4.2: Defending Against Specific Denial of Service Attacks


1. Using the Web or other tools, find a DoS attack that has occurred in the past 6 months.
You might find some resources at www.f-secure.com.
2. Note how that attack was conducted.
3. Write a brief explanation of how you might have defended against that specific attack.

2.2
Research major types of cyber attacks. Write a 5 page paper that includes the
following:
1. A summary of 3 types of attacks.
2. A real-life example for each type of attack.
3. Information on how to prevent the attacks.
4. Evaluation of which of the attacks is the hardest to proactively protect against
and why.

Your submission should cite at least 3 credible sources. 

2.3
Share an article on a cyber attack. Provide a critique on how the organization
responded to the attack.
Project 3.1:

In Wisconsin, cyber stalking can be prosecuted as criminal harassment, felony

stalking, or other offences. Bullying has always been a problem for teenagers, but

cyberbullying—bullying that takes place over the internet—is a newer version of this age-old

social evil that poses new issues for youth and those around them. With text messaging and

other networking sites becoming a vital element of teen social interaction, this behaviour is

becoming more widespread. Many people are unaware that cyberbullying is a crime. Several

Wisconsin criminal statutes, particularly harassment and stalking, may apply to cyberbullying

by and against minors, according to this article.

Wisconsin's Criminal Harassment Laws and Penalties

Cyberbullying can potentially be construed as criminal harassment. It happens when

the victim is subjected to two or more acts that annoy or intimidate her. When aggravating

conditions exist, such as the bully purposefully acquiring access to the victim's personal

details through digital communication or threatening the victim in a way that puts them in

danger of damage or death, the punishments increase.

Misdemeanours. Harassment begins as a Class B forfeiture, but attorneys can pursue harassment as a Class A misdemeanour if the offender violates a no-contact order or threatens the victim with death or grave bodily damage. A Class A misdemeanour carries a maximum sentence of nine months in prison and a fine of $10,000.

Felonies. The crime becomes a class I felony if the offender has a prior conviction for

harassment involving the same victim and the current infraction occurs within seven years of

the previous conviction.


Cyberbullying and Cyber stalking: Criminal Defences

Those facing criminal accusations connected to the illegal use of a computer,

harassment, or stalking may explore the following defences, among others.

Free Speech

The United States Constitution protects free speech as a basic, but restricted, freedom.

When communication (words and acts) is likely to be damaging to others right away, the

government has the authority to penalise it. Falsely exclaiming "fire!" in a packed theatre and

sending terrorist threats are two examples. Because the distinction between protected and

criminal communication is not always clear, it may be permissible to pursue a free-speech

defence in certain instances.

Reasonable Reaction of Victim

Not all crimes necessitate a legitimate fear on the part of the victim, but some do.

Criminal stalking, for example, demands that the bully's actions cause the victim to

experience fear or substantial mental distress that is justified under the circumstances. As a

result, if the victim was hypersensitive to behaviour that would not have upset a reasonable

person, it is unlikely that the activity was illegal stalking.

Will Adolescents Face Juvenile or Adult Court?

The juvenile court system primarily deals with children between the ages of ten and

sixteen. Instead of perjury prosecution and conviction, a juvenile will face a delinquency

charge and an adjudication. Juvenile court judges have more discretion in sentencing than

adult court judges. Counselling, community service or labour programmes, educational

programmes, or incarceration in a juvenile facility are among the choices available to juveniles.

Only a few states consider a 17-year-old to be an adult for criminal prosecution

purposes, which means they can be convicted and sentenced to prison just like adults. In
some cases, one party may request that a 17- to 19-year-old be sent to juvenile court. The

judge will decide whether or not such a request should be granted.

References:

https://wilawlibrary.gov/topics/justice/crimlaw/stalking.php
Project 4.2:

Three VoIP providers in the United Kingdom have been targeted by DoS

(DDoS) attacks.

At least three UK VoIP services have been targeted by a DDoS attack, according to the Cloud Communications Alliance (CCA). In an email sent that morning, CCA stated that it had learned of a "sophisticated, specific, and ongoing attack" perpetrated by the Russian cybercriminal outfit REvil. Two of the three providers were identified as victims of the hack on Monday, but CCA did not name the third. According to the business, the attack on Voip Unlimited's core network began on August 31 and lasted 75 hours. No more attacks happened over the weekend, according to a report provided this morning by this business. The attack was detected at the same time by London-based Voipfone, which claimed this morning that its services are fully operating and traffic is being actively monitored. During the three-day timeframe, both companies' services were disrupted. According to CCA, the perpetrators demanded a ransom of 1 Bitcoin, which quickly increased.

The assault entails repeatedly bombarding a company's network with traffic ranging from 100 to 450 gigabits per second. It begins with an attack on IP addresses used for SIP ingress and egress, but quickly expands to include additional services. According to CCA, the attack can evade several common DDoS defences.

References

[1] https://www.computerworld.com/article/2564424/how-to-defend-against-ddos-attacks.html
2.2 Cyber Attacks
Introduction

An unauthorised attempt to access a computer system in order to seize, change, or steal data is known as a cyber-attack. Cybercriminals can start a cyber-attack using a variety of attack vectors, including malware, phishing, ransomware, and man-in-the-middle attacks. Inherent and residual dangers allow each of these attacks to take place. By hacking into a vulnerable system, a cybercriminal can steal, alter, or destroy a specific target. A data breach is a common side effect of a cyber-attack, in which personal information or other sensitive information is exposed. Cyber-attacks are directed towards a resource (physical or logical) with one or more exploitable flaws. The resource's confidentiality, integrity, or availability could be jeopardised as a result of the attack. Disruption, data exposure, or centralisation may spread beyond the one first identified as exposed in some computer security, including gaining access to an organization's Wi-Fi network, social media, operating systems, or sensitive information such as credit card company account details. While an attacker can access an IT system in a variety of ways, the majority of cyber-attacks use approaches that are quite similar. The sorts of cyber-attacks listed below are some of the most common: malware, phishing, and SQL injection.

Types of Attacks

Malware attacks are popular cyber-attacks in which malware performs illegal actions on the victim's computer. Malicious software covers a wide range of assaults, including ransomware, spyware, command and control, and more. Criminal organisations, state actors, and even well-known enterprises have been accused of deploying malware. Because of their widespread impact, some malware attacks, like other types of cyber-attacks, receive widespread media attention. The WannaCry ransomware assault is an example of a well-known malware attack.

Phishing is a sort of cyber security assault in which hostile actors send messages

posing as a trusted individual or organisation. Phishing communications trick users into doing

things like downloading a harmful file, opening a malicious link, or disclosing personal

information like login credentials. The most popular sort of social engineering is phishing,

which is a broad word for attempts to mislead or deceive computer users. In practically all

security events, social engineering is becoming a more common threat vector. Phishing and

other social engineering assaults are frequently integrated with additional threats including

malware, code injection, and network attacks.

A query is a request submitted to a database (a digital store of data) for some type of activity or function to be performed, such as data querying or SQL code execution. One example is whenever a user's login information is submitted using a web form to get access to a website. This kind of web form is typically meant to accept only a few types of data, such as a name and/or password. When that data is entered, it is compared to a database, and if the two match, the user is permitted access. If they do not match, access is refused. There are potential difficulties because most web forms do not have a way to prohibit more data from being entered. Attackers can take advantage of this weakness by using input boxes on the form to submit their own queries to the database. This could allow them to participate in a range of illegal activities, such as data theft or data manipulation for personal advantage.

Real-Life Examples and Preventive Methods

In May 2017, the WannaCry ransomware outbreak became a global pandemic. This ransomware assault infected Microsoft Windows-based computers. Users' files were held hostage, and a Bitcoin ransom was required to get them back. The harm caused by this attack might have been prevented if not for the ongoing usage of antiquated systems and a lack of awareness about the importance of installing software updates. The cybercriminals behind the attack used a hack purportedly devised by the US National Security Agency to exploit a flaw in Microsoft's Windows operating system. This hack, codenamed EternalBlue, was made public by a group of hackers known as the Threat Actors prior to the WannaCry assault. Let's look at how the WannaCry ransomware outbreak happened and what it meant. Here are a few pointers from us.

Computer users became targets of the WannaCry attack because they had not updated their Microsoft Windows operating system. If they had maintained their network services on a regular basis, they would have benefited from the latest update given by Microsoft prior to the intrusion. This patch addressed the vulnerability that EternalBlue used to infect machines with the WannaCry ransomware. Make absolutely sure our computer system and software are updated. This is an important step towards avoiding ransomware. Make regular backups of our data using an external hard drive or online storage. If we have backed up our files, they will be protected if we are hit by ransomware criminals. After we have backed up our data, remember to disconnect our external storage device from our computer. If we attach our external hard drive to our PC on a regular basis, we risk exposing it to ransomware families that can encrypt data on these devices as well. [1]


Attackers sent a phishing email that looked like it came from Amazon in September

2020, aiming to obtain consumer credit card information. The email claimed that the

customer's account had been deleted owing to too many failed login attempts and directed the

user to a bogus Amazon Billing Centre website, where they were urged to re-enter their

payment details.

Malware and other malicious payloads in email communications can be protected against with modern email filtering technologies. Emails with harmful links, attachments, spam content, and language that could indicate a phishing attack can be detected using these solutions. Email security solutions block and quarantine questionable emails automatically, and data encryption technology "detonates" emails to see if they contain harmful code. Simulated phishing attempt testing can assist security teams in evaluating the effectiveness of security awareness training programmes as well as helping end users better comprehend assaults. Even if our employees are skilled at spotting fraudulent messages, they should be put through phishing tests on a regular basis. Because the threat landscape is constantly changing, cyber-attack simulations must change as well.

APT gang hackers launch GhostShell attack: using SQL injection, Team GhostShell attacked 53 universities, stealing and publishing 36,000 student, academic, and staff personal details. Whether we're a website owner, a normal internet user, or a huge organisation, SQL injection attacks can affect us. SQL injection will continue to be a prevalent attack vector in the future due to its widespread use. As we can see, we have a lot of options for avoiding an attack. The easiest way to avoid SQL injection is to take proper safety precautions. This enables companies to safeguard their data and respond to attacks before they cause substantial harm. SQL injection attacks can be avoided by cleaning up application code and utilising parameterized queries to differentiate between legitimate and malicious input. [2]

Between the internet and a web application, a software firewall (a web application firewall, or WAF) serves as a barrier, filtering out malware and questionable activity. We can configure our WAF to give adequate protection against code injection as well as other types of cyber-attacks like cross-site scripting (XSS) and cookie poisoning, among others. If a SQL injection vulnerability is found in open source code, a WAF can help guard against future risks while patches are being developed. SQL injection can be considerably reduced by limiting our application's database privileges. Use the least privilege principle, which asserts that database users should only have access to the data they need to complete their tasks.

Rather than having a single database user for our application, we may want to explore creating multiple database users and assigning them to various application roles. We should keep an eye on every link in the security chain to avoid significant consequences. [3]
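
The login-form query described under Types of Attacks and the parameterized-query fix named above, side by side, as an added example that is not part of the original paper. It uses Python's built-in sqlite3 module; the table, account names, demo salt and crafted input are all constructed for illustration.

```python
import hashlib
import sqlite3

# Assumption for the demo: one fixed salt. Real systems use a random per-user salt.
DEMO_SALT = b"constructed-demo-salt"


def hash_password(password: str) -> str:
    """Salted, slow hash so the table never stores plaintext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), DEMO_SALT, 10_000).hex()


def make_demo_db() -> sqlite3.Connection:
    """Constructed sample data: two accounts in an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    conn.executemany(
        "INSERT INTO users (name, pw_hash) VALUES (?, ?)",
        [("alice", hash_password("correct horse")),
         ("o'brien", hash_password("battery staple"))],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """BEFORE: form fields are pasted into the SQL text, so input can rewrite the query."""
    sql = (f"SELECT 1 FROM users WHERE name = '{name}' "
           f"AND pw_hash = '{hash_password(password)}'")
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, name: str, password: str) -> bool:
    """AFTER: placeholders keep the SQL text fixed; input is only ever bound as data."""
    sql = "SELECT 1 FROM users WHERE name = ? AND pw_hash = ?"
    return conn.execute(sql, (name, hash_password(password))).fetchone() is not None


def run_demo() -> dict:
    """Run the same inputs through both versions and collect the outcomes."""
    conn = make_demo_db()
    # Constructed input: the quote closes the string, "--" comments out the password check.
    crafted_name = "alice' --"
    results = {
        "vulnerable_valid": login_vulnerable(conn, "alice", "correct horse"),
        "vulnerable_crafted": login_vulnerable(conn, crafted_name, "wrong"),
        "safe_valid": login_parameterized(conn, "alice", "correct horse"),
        "safe_crafted": login_parameterized(conn, crafted_name, "wrong"),
        "safe_apostrophe": login_parameterized(conn, "o'brien", "battery staple"),
    }
    # A legitimate name containing an apostrophe also breaks the concatenated query.
    try:
        login_vulnerable(conn, "o'brien", "battery staple")
        results["vulnerable_apostrophe"] = "ok"
    except sqlite3.OperationalError:
        results["vulnerable_apostrophe"] = "syntax error"
    conn.close()
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case:24} {outcome}")
```

The concatenated version fails in both directions: it accepts the crafted name without a valid password and rejects a legitimate user whose name contains an apostrophe, while the parameterized version handles both correctly.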

Conclusion

To win the battle against cybercrime, businesses must first understand how they are

being attacked. Here are the six least dangerous types of cyber-attacks, as well as how to

avoid them. The objectives behind cyber-attacks have varied in recent years, with

disinformation and disruption joining the more classic drives of data theft, extortion, and

damage, and the issues they bring have several private security companies on the back foot.

The more individuals and devices that a network connects, the more difficult it is to escalate

the cost of an attack to the point where hackers will give up. The value of a network

is proportional to the square of the number of users connected to it, according to Metcalfe's

Law. As a result, security teams must accept that their networks will be constantly assaulted;

but, by understanding how various types of cyber-attacks work, preventative controls and

strategies can be introduced to reduce the damage they can cause. The following are the most

crucial factors to consider:


Before reaching their objectives, hackers must gain a foothold in a network, which

necessitates identifying and exploiting one or more vulnerabilities or gaps in their victim's IT

infrastructure. According to data from the United Kingdom's Data Protection Authority,

phishing was the biggest target of hackers in 2019, accounting for nearly 90% of all

intrusions. From downloading a malware-infected attachment to forgetting to use a password

manager, errors could be either inadvertent actions or lack of action. As a result, security

awareness training is a primary priority in the fight against cyber-attacks, and because attack

strategies are always improving, training must be updated to ensure users are aware of the

most recent types of attack. A cyber assault scenario program can be used to test employee

cyber knowledge and provide further training in areas where there are clear gaps.

References

[1] https://www.kaspersky.co.in/resource-center/threats/ransomware-wannacry

[2] https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-phishing/

[3] https://www.siemxpert.com/blog/sql-injection-real-life-attacks-examples-sqli-prevention-mitigation/
2.3

Many parties are impacted in the event of a massive, complicated cyber-attack. It is vital that

they participate in response efforts. However, a successful and timely response necessitates

more than their participation; tight, round-the-clock teamwork is essential. Only when all of

the stakeholders collaborate can a rapid, accurate, and cost-effective response be achieved. In

the event of a large cyber-attack, it is highly typical for a company to hire a third-party firm

to assist with response actions. To be able to interact successfully with all participants, the

party must have extensive legal, regulatory, and investigative skills. As the incident unfolds

over days, working days, or maybe even months, they assist in conducting timely and

effective investigations, accurately activating the business plan, enforcing a communication

process among all stakeholders, and centrally managing all questions received from domestic

and foreign groups.

A centralised cyber response plan is essential for bringing together parties with

varying interests who must work together to resolve the cyber-attack. Investigating their

functions.

The complete board is responsible for risk oversight. The board is in charge of the response

strategy, which involves contacting employees, the general public, shareholders, and, most
likely, regulators and law enforcement. In addition, the board (or audit committee) must

collaborate with the CFO and independent auditors.

CFO: The CFO has the responsibility to verify the integrity of the company’s financial

controls and data, understand the potential adverse financial impact of the incident and

determine the appropriate financial disclosures in relevant filings, all of which have a direct

impact on the board’s communication with shareholders and the broader public.

The in-house lawyer assists the forensic investigators with practical issues such as

evidence gathering, root-cause analysis, and electronic discovery. In-house counsel typically

takes the lead when dealing with regulators and outside lawyers. They must quickly assess

the incident's possible compliance and legal ramifications in order to properly engage with a

large number of external parties.

Internal and external communication teams are critical for ensuring that the incident is

adequately conveyed to workers, clients, shareholders, and other third parties who may be

affected. Employees who have been adequately informed can aid in the investigation and take

the required steps to prevent the breach from spreading further. To restore trust and inspire

confidence in the organization's ability to manage cyber risk and reduce the incident's

negative impact on operations and customers, timely public communication is vital.

In the event of a cyber-attack, the chief compliance officer (CCO) is responsible for

assessing the regulatory compliance risk, whether it is connected to data protection and

privacy or sector-specific requirements. A large cyber-attack frequently affects numerous

countries or jurisdictions, posing issues for the CCO in resolving the difference — and

sometimes even conflict — between them. When dealing with these challenges, the CCO

must engage closely with privacy experts, the legal department, the board, and the executive

team.
Many major companies hire a chief security officer (CSO), whose main task is to

protect all assets – whether physical, IT, intellectual property, or people – from all dangers,

including unintentional negligence, malicious insiders, professional criminals, or

state-sponsored groups. As part of the organization's "licence to operate," the CSO is generally

responsible for compliance with national regulations governing security in regulated

industries, government and defence procurement, and key national infrastructure services.

The chief information security officer (CISO) collaborates closely with the

investigation team to quickly identify the root cause of the attack, comprehend its scope, and

assess the threat's risk impact — data stolen, systems impacted, and level of penetration — in

order to contain and eliminate the threat and perform remediation activities. The CISO should

also carefully review the investigation's findings and acquire useful information so that the

company's information security plan and future responses are strengthened.

Reference

[1] https://www.sciencedirect.com/science/article/pii/S2352484721007289

[2] https://hbr.org/2021/03/cyberattacks-are-inevitable-is-your-company-prepared
