
Unit 10 Cyber Security (2022)

Unit 10 Cyber Security second semester

Uploaded by

induru gaming
Copyright: © All Rights Reserved

Higher Nationals

Internal verification of assessment decisions – BTEC (RQF)

INTERNAL VERIFICATION – ASSESSMENT DECISIONS


Programme title BTEC Higher National Diploma in Computing

Mr.Dilanka
Assessor Internal Verifier
Unit(s): Unit 04: Cyber Security

Assignment title Providing a suitable security solution for BND (German Foreign Intelligence Services)

Student’s name:
List which assessment criteria the Assessor has awarded.    Pass    Merit    Distinction

INTERNAL VERIFIER CHECKLIST
Do the assessment criteria awarded match those shown in the assignment brief? Y/N
Is the Pass/Merit/Distinction grade awarded justified by the assessor’s comments on the student work? Y/N
Has the work been assessed accurately? Y/N
Is the feedback to the student:    Give details:
• Constructive? Y/N
• Linked to relevant assessment criteria? Y/N
• Identifying opportunities for improved performance? Y/N
• Agreeing actions? Y/N
Does the assessment decision need amending? Y/N

Assessor signature:    Date:
Internal Verifier signature:    Date:
Programme Leader signature (if required):    Date:

Confirm action completed
Remedial action taken
Give details:

Assessor signature:    Date:
Internal Verifier signature:    Date:
Programme Leader signature (if required):    Date:

Higher Nationals - Summative Assignment Feedback Form

Student Name/ID

Unit Title Unit 10: Cyber Security

Assignment Number 1 Assessor


Submission Date: 2024/10/18    Date Received 1st submission:
Re-submission Date:    Date Received 2nd submission:
Assessor Feedback:

LO1. Explore the nature of cybercrime and cyber threat actors
Pass, Merit & Distinction Descripts: P1 P2 M1

LO2. Investigate cyber security threats and hazards
Pass, Merit & Distinction Descripts: P3 P4 M2 D1

LO3. Examine the effectiveness of information assurance concepts applied to ICT infrastructure
Pass, Merit & Distinction Descripts: P5 M3

LO4. Investigate incident response methods to cyber security threats
Pass, Merit & Distinction Descripts: P6 P7 M4 D2

Grade: Assessor Signature: Date:

Resubmission Feedback:

Grade: Assessor Signature: Date:

Internal Verifier’s Comments:

Signature & Date:


* Please note that grade decisions are provisional. They are only confirmed once internal and external moderation has taken place and
grade decisions have been agreed at the assessment board.

Pearson
Higher Nationals in
Computing
Cyber Security
General Guidelines

1. A Cover page or title page – You should always attach a title page to your assignment. Use previous
page as your cover sheet and make sure all the details are accurately filled.
2. Attach this brief as the first section of your assignment.
3. All the assignments should be prepared using a word processing software.
4. All the assignments should be printed on A4 sized papers. Use single side printing.
5. Allow 1” for top, bottom, right margins and 1.25” for the left margin of each page.

Word Processing Rules

1. The font size should be 12 point, and should be in the style of Times New Roman.
2. Use 1.5 line spacing. Left justify all paragraphs.
3. Ensure that all the headings are consistent in terms of the font size and font style.
4. Use footer function in the word processor to insert Your Name, Subject, Assignment No, and
Page Number on each page. This is useful if individual sheets become detached for any reason.
5. Use word processing application spell check and grammar check function to help editing your
assignment.

Important Points:

1. It is strictly prohibited to use textboxes to add texts in the assignments, except for the compulsory
information, e.g. figures, tables of comparison etc. Adding text boxes in the body except for the
aforementioned compulsory information will result in rejection of your work.
2. Avoid using page borders in your assignment body.
3. Carefully check the hand in date and the instructions given in the assignment. Late submissions will
not be accepted.
4. Ensure that you give yourself enough time to complete the assignment by the due date.
5. Excuses of any nature will not be accepted for failure to hand in the work on time.
6. You must take responsibility for managing your own time effectively.
7. If you are unable to hand in your assignment on time and have valid reasons such as illness, you may
apply (in writing) for an extension.
8. Failure to achieve at least PASS criteria will result in a REFERRAL grade.
9. Non-submission of work without valid reasons will lead to an automatic REFERRAL. You will then
be asked to complete an alternative assignment.
10. If you use other people’s work or ideas in your assignment, reference them properly using HARVARD
referencing system to avoid plagiarism. You have to provide both in-text citation and a reference list.
11. If you are proven to be guilty of plagiarism or any academic misconduct, your grade could be reduced
to a REFERRAL or at worst you could be expelled from the course.
Student Declaration

I hereby, declare that I know what plagiarism entails, namely to use another’s work and to present it
as my own without attributing the sources in the correct way. I further understand what it means to
copy another’s work.

1. I know that plagiarism is a punishable offence because it constitutes theft.
2. I understand the plagiarism and copying policy of the Edexcel UK.
3. I know what the consequences will be if I plagiarise or copy another’s work in any of the
assignments for this program.
4. I declare therefore that all work presented by me for every aspects of my program, will be my
own, and where I have made use of another’s work, I will attribute the source in the correct
way.
5. I acknowledge that the attachment of this document signed or not, constitutes a binding
agreement between myself and Edexcel UK.
6. I understand that my assignment will not be considered as submitted if this document is not
attached to the attached.

Student’s Signature:    Date: 2024/10/18

Assignment Brief
Student Name /ID Number

Unit Number and Title Unit 10: Cyber Security

Academic Year 2022/23

Unit Tutor

Assignment Title BND (German Foreign Intelligence Services)

Issue Date 2024/09/25

Submission Date 2024/10/18

IV Name & Date

Submission Format:
The submission is in the form of an individual written report. This should be written in a concise, formal business
style using single spacing and font size 12. You are required to make use of headings, paragraphs and subsections
as appropriate, and all work must be supported with research and referenced using the Harvard referencing system.
Please also provide an end list of references using the Harvard referencing system.

Unit Learning Outcomes:


LO1 Explore the nature of cybercrime and cyber threat actors
LO2 Investigate cyber security threats and hazards
LO3 Examine the effectiveness of information assurance concepts applied to ICT infrastructure
LO4 Investigate incident response methods to cyber security threats.
Scenario

The German Foreign Intelligence Services was founded during the Cold War in 1956 as the
official foreign intelligence agency of West Germany, which had recently joined NATO, and
in close cooperation with the CIA. It is also known as the Bundesnachrichtendienst (BND).
The new BND headquarters is in Berlin, near the former Berlin Wall. The German Foreign
Intelligence Services website has recently been hacked by the hacker group “CLAY”. The
group used multiple ways to hack the website, including social engineering to get login
details.

‘EMC Cyber’ is a reputed cyber security company based in Sri Lanka that is delivering
security products and services across the entire information technology infrastructure. To
identify the vulnerabilities of the GFIS existing system, the top management of EMC Cyber
has recruited you as a consultant to identify and provide solutions for the vulnerabilities that
exist within the website. You are an independent cyber security consultant hired by EMC
Cyber that went through a cyber-security breach in the recent past. You are expected to do a
background study of the organization and the incident and provide a report to the board of
directors that convinces them to allocate more resources for cyber security. Further, you need
to consult the BND on how to develop the website and systems in the future so that it can
fight back against future hacks.

In your investigation, you have observed that the last Risk Assessment was conducted
one month ago and no revision has been made afterward. Apart from that,

• No proper backup servers.
• No records for conducting Training and Development Activities.
• No Document Storage mechanism is followed.
• No Management Review Meeting has been conducted since last month.
• Several employees have written down their passwords on sticky notes and pasted them
to their tables.
• Most of the important documents have been stored in plain text.
• No proper understanding of information assurance concepts/incident response
methods.

Provide a well-structured report to the management which highlights the findings from the
analysis based on the following tasks.
Activity 01

1.1 Review the types of malicious and criminal cyber activity BND may face, in the current
context. Give a comprehensive explanation of business and society’s reliance on
technology and why technology is a target for cybercrime. Your explanation should
include the impact of cyber security on protecting businesses and society.
1.2 Investigate the potential targets of cybercrime in the BND environment and analyze the
concept of digital systems as ‘targets’ and ‘tools’ as related to cyber security, giving valid
pieces of evidence based on the BND website and other services.

Activity 02
2.1 Describe security threats and hazards to the BND system and evaluate types of malicious
cyber activity and the action that can be taken to neutralize cyber threat actors.

2.2 Using the threats and hazards identified in section (2.1) investigate the common attack
techniques and recommend how to defend against them in order to minimize security risks by
analyzing and mitigating the risks. Your answer should assess the role of threat intelligence
when defending against common attack techniques.

Activity 03

Write an article (Max 4 pages) on the topic ‘Information assurance concepts’. In the article
you have to explore how information assurance concepts can mitigate threats and
vulnerabilities in ICT infrastructure and assess how information assurance could enhance the
cyber resilience of BND ICT infrastructure. The article furthermore must show the
effectiveness of information assurance concepts applied to BND ICT infrastructure. Provide
valid pieces of evidence based on the BND ICT infrastructure.

Activity 04
4.1 Describe security standards, regulations, and their consequences across different sectors
and design a presentation-based training material for BND company staff. (Student must
develop a PowerPoint-based presentation that illustrates the recovery plan with applicable
security standards and regulations within 15 minutes of time including justifications and
reasons for decisions and options used).
4.2 Investigate and identify the types of responses that have been implemented by different
organizations in response to cyber security threats and analyze the role of criminal and other
laws in deterring cybercrime. Evaluate your answer by providing the proper explanations.
Acknowledgement
I take this opportunity to express my sincere gratitude to everyone who supported me
throughout the Cyber Security Assignment. I am thankful for their aspiring guidance,
invaluably constructive criticism, and friendly advice during the assignment work. I am
sincerely grateful to them for sharing their truthful and illuminating views on several issues
related to this assignment. I express my heartfelt thanks to Mr.Dilanka sir for support and
guidance throughout this assignment. I would also like to thank the entire ESoft Management
for having given me the opportunity to complete a valuable assignment.
Table of Contents
Activity 01
1.1 Cyber-Crime and Cyber threat actors
1.1.1 What is meant by cybercrime?
1.1.2 Types of Cyber crime
1.1.3 Meaning of Cyber Threats
1.1.4 Threat actors in the Cyber
Types of malicious and criminal cyber activity BND may face
1.2 Comprehensive explanation of Business and society’s reliance on technology
1.2.1 Why Technology is a Target for Cybercrime
1.1 Impact of Cyber Security on Protecting businesses and Society
1.2 Investigate the potential targets of Cybercrime in the BND
How the attackers hacked the system by using vulnerabilities as tools
1.2.2 Understanding Cyber security matters considering the concerns listed above
1.2.4 The relationship between Cybercrime’s targeted nature and business and society’s dependency on technology
Businesses’ reliance on technology
1.2.5 Operational Efficiency, Cooperation, and Communication
1.2.6 Digital systems are thought of as “Targets” and “Tools”
Activity 02
2.1. Describe security threats and hazards to a system or services process
2.1.1. Password Cracking for Wi-Fi
2.2. investigate common attack techniques and recommend how to defend against them
2.2.1. All the Above-mentioned attack can benefit from the following advice
2.2.2. Assess the role of threat intelligence when defending against common attack techniques.
Activity 03
Activity 04
4.1. Describing Security standards, regulations, and their consequences in sectors of an organization
4.2 Examining how criminal and other laws work to prevent cybercrime
4.2.1 Research the different types of countermeasures that have been implemented owing to cyber security risks and compare the countermeasures taken by an alternative organization

Figure 1 Types Of CyberCrime
Figure 2 Types Of Malware
Figure 3 Web Application FireWall
Figure 4 Cloud Security
Figure 5 Data BackUp
Figure 6 Information Assurance Concept
Figure 7 Concept
Figure 8 Vulnerabilities in ICT
Figure 9 Information Assurance
Figure 10 Company recovery Plan
Figure 11 Part Of The BND
Figure 12 Analayzation
Figure 13 Analyzation and information collection
Figure 14 Security Measures
Figure 15 Information Collection
Figure 16 Creative research and technology
Figure 17 Security Measures
Figure 18 Security Measures
Figure 19 IT Support
Figure 20 It Support
Figure 21 Safty Procedures
Figure 22 Reasons to discuss these
Figure 23 Responses
Figure 24 Response
Figure 25 Responses
Figure 26 Responses
Figure 27 responses
Figure 28 Responses
Figure 29 Responses
Figure 30 Responses
Activity 01
1.1 Cyber-Crime and Cyber threat actors

1.1.1 What is meant by cybercrime?

Cybercrime encompasses a wide variety of criminal activities that are carried out with the use of
computers, networks, or the vast expanse of the internet. The spectrum is incredibly wide,
ranging from illicit access to someone's personal e-mail account by unauthorized persons
to complex, large-scale, organized operations meant to destroy entities like governments, large
corporations, and even the entire financial systems at the heart of an economy. Criminals
committing cybercrimes take advantage of any weakness within the core technology, coupled
with the potential for human error, to illegally access sensitive information, steal valuable
data, disrupt important services, or cause other damaging forms of harm to individuals or
organizations. (Kaspersky, November 06, 2019)

1.1.2 Types of Cyber crime

The term 'Cybercrime' is generic and denotes a host of activities considered criminal in
nature, whose essence is that they are principally committed within cyberspace and,
in most instances, using highly advanced and sophisticated technologies. Cybercrimes can be
divided into several categories, each with distinctive methodologies,
objectives, and eventual results. Knowledge of the different categories of cybercrime is very
significant for shielding persons, groups, and government authorities from impending digital
risks in an increasingly connected world. (cybertalents, 2024)
Figure 1 Types Of CyberCrime

1. Financial cybercrimes
• Phishing - It ranks among the most dangerous categories of cybercrime, in which fraudsters use emails and text messages with the express aim of manipulating or deceiving the target into disclosing sensitive information. Often this comprises such basic things as passwords, credit card access codes, and other forms of bank account access that are crucial to the security of financial and personal identity. (cybertalents, 2024)

• Online Fraud - Internet fraud is a general category of deception carried out over the Internet, such as offering non-existent or fake goods for sale or making unauthorized purchases using somebody else's credit card information. This category of crime takes different forms: online auction fraud, where money is taken for an item that is never delivered; investment fraud, where false investment opportunities are promoted to future "victims"; and many others. For high-value or prescription drugs, the sale of counterfeit versions can be an online fraud that uses another person's identity to further such fraudulent activities. Preventing online fraud therefore entails vigilance during online transactions, taking time to research the reputation of the sellers and websites one intends to deal with, and not sharing personal information with unknown entities. Using payment methods that have built-in security features, for instance credit cards with fraud protection, and checking bank statements regularly can protect against online fraud. (cybertalents, 2024)

• Identity theft - Identity theft is a serious and pervasive crime in which a person's personal and financial information is taken and then used maliciously or for financial gain. It normally occurs when a thief acquires the victim's sensitive information, such as a Social Security number, birth date, address, or credit card number, through phishing scams, data breaches, or physical theft of personal documents. With this in hand, the thief can assume the victim's identity and create new credit accounts, make purchases, or sometimes even commit various crimes under the victim's name and surname. The aftermath of identity theft can be brutal: financial loss, damage to credit scores, and emotional trauma. Identity theft may also lead to further illegal activities: tax fraud, medical identity theft, or even human trafficking. It is therefore important that individuals take personal initiative to protect their personal information, such as checking credit reports, using difficult-to-guess passwords, and not letting confidential information get out online.

• Credit card Fraud - Credit card fraud is a kind of financial fraud in which an unauthorized person uses a stolen, lost, or fake credit card to make fraudulent transactions that result in financial loss for the cardholder and the merchant. This may occur through several means, such as card skimming, phishing scams, or physical theft of credit cards. Fraudsters use the stolen information to make online purchases, create fake credit cards, and even draw cash from an ATM. Furthermore, such fraudsters steal credit cards to commit identity theft, posing as the credit card holder in person or over the internet to carry out criminal activities. The consequences of credit card fraud range from financial loss to damage to one's credit score and, further, to serious legal consequences. It is therefore necessary to keep an eye on credit card statements, report suspicious transactions, and exercise general precaution to safeguard credit card information by using a secured online connection and avoiding phishing scams. The consequences also include financial loss, damaged credit scores, and emotional distress. Moreover, credit card fraud opens the door to other illegal actions such as tax fraud, medical identity theft, and even human trafficking. Considering this, the first steps toward protecting personal information are monitoring credit reports, using strong passwords, and exercising caution in posting sensitive information on the internet. (cybertalents, 2024)

2. Hacking and unauthorized Access

• Malware - Malware is software whose purpose is to destroy, disrupt, or exploit a device, computer system, or network. Examples of malware include but are not limited to viruses, worms, Trojans, spyware, adware, and ransomware. These may be transmitted through an infected software download, phishing emails, infected websites, or an infected external device. Once installed on a system, malware can perform many harmful functions, including leaking data, breaking systems, installing further malware, and accessing unauthorized areas. Malware is also used to carry out DDoS attacks and IP theft, among many other forms of cybercrime. Losses caused by a malware infection can include loss of critical data, system crashes, and financial losses. Protection requires installing an antivirus program, updating it regularly, avoiding suspicious downloads and emails, and browsing safely.

• Ransomware - Ransomware is data-encrypting malware that locks up its victims' data or makes the computer impossible for its owner to use. In general, the two common ways it spreads are via phishing emails and malware-infected software downloads. Once inside, it can spread laterally across the network with surprising speed, encrypting data and making it inaccessible. The attacker then demands a ransom in exchange for the decryption key. Ransomware attacks have, to a considerable extent, caused huge data loss, system downtime, and economic loss. Sometimes, even after the ransom is paid, the hackers never give out the decryption key or, in the worst case, keep on attacking. For these reasons, sensitive personal data should be backed up, software and operating systems updated, antivirus software installed, and safe browsing habits maintained. In addition, having an incident response plan can blunt the effect of a ransomware attack. (cybertalents, 2024)

3. Cyberstalking and Harassment

• Cyberbullying - Cyberbullying is bullying that occurs through devices such as phones, laptops, and tablets. It happens when someone online intentionally tries to hurt someone else, for example by messaging them nasty things, posting something that will embarrass the other person, or ignoring someone on purpose in a chat. It can also take the form of abusing and threatening another person, or starting a rumor that damages someone's reputation. It is a serious issue because it can cause people to feel a lot of sadness and loneliness and, in extreme cases, to think of suicide. (cybertalents, 2024)

1.1.3 Meaning of Cyber Threats
A cyber threat is any threat or threatening act that targets an organization or an individual with the aim of gaining unauthorized access to computer systems, networks or electronic data. These threats can be realized in many ways, such as hacking, phishing, ransomware, malware, viruses, Trojan horses, spyware, and denial-of-service (DoS) attacks. They may originate from an individual, a group or even a country, to obtain something of value, to support an agenda or principle, or merely for the thrill of it. The impacts of a successful cyber incident are negative; they range from loss of sensitive information and loss of control of infrastructure to loss of money and reputation and, sometimes, loss of life. Such threats are also dynamic; individuals and organizations must therefore stay alert and minimize the vulnerability of their systems to them. (Tunggal, 2024/09/16)

1.1.4 Threat actors in the Cyber

Cyber threat actors are people or entities that present a risk to an organization's or person's cyberspace investments. Such actors act for different reasons, with self-interest, political affiliation or a desire to cause disruption among the reasons that may push them into cyber terrorism. Depending on the cause, they can be divided into main groups: nation-state actors, organized crime groups, hacktivists, insiders and script kiddies. Nation-state actors are backed by their respective governments to investigate or launch cyber-attacks on other nations or bring down specific organizations. Organized crime groups are more concerned with criminal motivation, to gain financial riches and benefits, while hacktivists are motivated by social or political activism. An insider threat is one where the attack originates from an employee or an ex-employee of the organization, while script kiddies are individuals who use other people's tools and attack methods to attempt to breach an organization's system. (SOPHOS, 2024/10/17)

Types of malicious and criminal cyber activity BND may face

• Malware Attacks - One of the major threats to the BND is malware attacks, because information can be leaked and systems sabotaged, leading to huge losses. Malware is a category of malicious programs designed to wreak havoc on a system and on the network it belongs to. It may be transmitted via e-mail, infected software download links, and compromised network connections. After getting a foothold in a system, malware enables the attacker to breach the system's security, extract information or interrupt system operation.
1. Ransomware Attacks
2. Trojan Attacks
3. Virus Attacks
4. Spyware Attacks
5. Adware Attacks

Figure 2 Types Of Malware


• Denial-of-Service (DoS) Attacks - Among the most fearsome threats for the BND
are DoS attacks, which can potentially disable the work of computers and networks
completely, lead to great financial losses and leak confidential data. In a DoS attack,
the attacker sends traffic to the system or network they want to inhibit, with the aim
of overloading it so that normal users are kept out of the system. This can be done
simply by making many requests to a website or a network and exhausting the
server's resources.

DoS attacks can be facilitated in different ways, such as using malware, botnets or
exploit kits. An attacker can use fake IP addresses, generate excessive DNS traffic or
make use of other tactics to launch a DoS attack. The consequences of a DoS attack
may be critical, such as lost time, low productivity and a tarnished image. For the
BND, the consequences of a DoS attack could be a decline in national security,
damage to critical operations, and information becoming unprotected.

• Phishing Attacks - Phishing techniques pose great concerns to the BND, as
these attacks can lead to loss of information, set back operations and even lead
to financial loss. Phishing is a kind of social engineering attack in which the
attacker employs deceptive means to lure people into handing over sensitive
information such as user IDs and passwords, credit/debit card numbers and
social security numbers, among others. Phishing can be delivered through
messages, phone calls, text messages and social networks, amongst others.

Phishing is generally a very targeted attack in which the hacker uses advanced
methods to present messages that look like they come from a trusted
source. For instance, an attacker may send an email which appears to be
from an organization, for example a bank or a government institution, requesting
the receiver to give personal details or click on a link which downloads
malware. The moment the recipient gives the information or clicks on the link
supplied by the attacker, the attacker is free to access the systems and steal
information or install malware.

1.2 Comprehensive explanation of Business and society’s reliance on technology


For the BND, the use of technology is essential, since it assists the
organization in gathering, processing and sharing sensitive information aimed at
identifying and counteracting threats to the security of the nation. Technology is central to
the operations of the BND in several ways: the organization has a strong focus on data
analysis tools such as artificial intelligence and machine learning, among others, to
analyse large data sets, and on communication systems and networks to enable the secure
exchange of information. This reliance on technology has many advantages, such as
situational awareness, threat identification and decision-making, but it also introduces many
risks, such as computer network exploitation, data theft and loss of systems, which might
jeopardize the integrity of the information and the functioning of the BND.

1.2.1 Why Technology is a Target for Cybercrime

Technology is a prime target for cybercrime due to the following reasons:

• Financial Gain - Hackers can obtain confidential details, including through monitoring,
and will take advantage of the situation. As more and more consumers engage in
online transactions or use cards to pay for goods and services, criminals can
learn how to take advantage of weaknesses in the technology to steal
financial details and defraud card holders and banks.
• Political Motivation - Cyberspace is used by attackers to compromise critical
businesses, steal classified documents or interfere in political decisions. For
instance, nation states and hacktivists may decide to use cyber-attacks to realize
their political ambitions, leading to serious repercussions for a country's safety
and international peace.
• Revenge or Malice - Inflicting injury or disrupting operations through cyber assaults is a
common scenario among cybercriminals driven by revenge or malice. They may hold a
grudge against someone for personal reasons, or act on an individual rationale such as
ideology, thrill-seeking or even hatred of society.
• High Return on Investment - The internet offers many profitable avenues for
cybercrime, which are usually low-risk and offer high profit margins. Hence,
organized crime groups as well as other cybercriminals have been lured into this
environment.

Impact of Cyber Security on Protecting businesses and Society


Cyber security is important in safeguarding organizations and the public against
cybercriminal attacks. Some of the effective strategies for ensuring cyber security are:

• Protect Sensitive Information - Preventing illegal access to important
information such as monetary details, personally identifiable information (PII) and
confidential business information is one of the major reasons why customers and
partners trust an organization. Preventing such access safeguards the organization
against losses related to integrity and money.
• Prevent Financial Loss - Cyber security decreases the danger connected with cyber
assaults on financial data, especially the theft or interruption of key infrastructure,
thus ensuring that firms continue operating normally and avoid losing money.
• Maintain Business Continuity - Taking measures to prevent disruption
ensures that work continues without interruption. This
in turn ensures that clients remain satisfied and that no harm is done to the
business image, while fulfilling all rules and regulations set by the authorities.
• Protect National Security - To maintain national security, prevent espionage, and
safeguard the integrity of critical systems, we must deter cyber-attacks on important
infrastructure and confidential data.

For the German Foreign Intelligence Services (GFIS), it’s essential to have proper cyber
security practices as they are vital in safeguarding classified information, averting financial
damage and maintaining the sovereignty of a nation. Investing in strong cyber security
measures will help GFIS to avert any potential breaches, safeguard their systems and data
while maintaining stakeholder confidence. (kala, 2023 june 30)

Investigate the potential targets of Cybercrime in the BND

Due to the high-risk environment in which the BND operates, it has become a target
for hackers. The organization's websites and local area networks are vulnerable to
different types of cybercrime.

• Sensitive information

Classified Documents - The BND deals with top secret, secret and confidential
information and documentation in matters of national security, diplomacy and
intelligence. Hostile parties may attempt to access these documents to compromise
the relevant information.

Employee Data - The personal and professional information of the organization's
employees gives a golden opportunity to hackers and other cybercriminals.
This information can be used to commit identity theft or blackmail, or even to launch a
social engineering attack.

Operational Data - The operational data of the BND contains intelligence gathering
methods, surveillance data and communication records of agents; it therefore attracts
the attention of hackers. (Blog, n.d.)

• Disruption of Operation

Website Defacement - A web page of the BND can be defaced, and the defaced page can be
used for malicious purposes such as spreading viruses, phishing for data or simply
causing damage to the organization. Website defacement is a form of cybercrime in which
an attacker modifies the content of a website in a manner that was not authorized by the
owner of the website. This can lead to negative public perception, revenue loss
as well as regulatory fines and sanctions. In the context of the BND, website defacement
is very dangerous, because it might compromise state
security and cause loss of trust in the organization. Furthermore, the infrastructure of the
BND and its digital systems can themselves be used as instruments of cybercrime: in attacks
on other organizations, surveillance, and the distribution of malware and viruses. This is
why the organization needs to pay a lot of attention to implementing effective protocols to
ensure the protection of its computer systems and data. (imperva, 2023/12/20)

Denial of Service (DoS) Attacks - A Denial of Service (DoS) attack can be described
as a cybercrime in which an attacker floods the target system with traffic from
numerous sources with a view to making the application or the network unresponsive to
legitimate users. This can make the BND website or systems unreachable, which may
lead to loss of reputation and financial loss, and usually disrupts the business.
(cloudflare, 2023)

Ransomware Attacks - Ransomware attacks pose a threat because they put the
BND's digital systems at risk: data may be encrypted, the organization's operations
may be impaired, and there may be financial repercussions. Ransomware is one of the
most dangerous forms of malware because it encrypts a victim's data or device and
only releases it after the ransom has been paid. (cyber.gov.au, 2024)

• Reputation and Credibility

Reputation Damage - Reputational risk also affects the BND because it
reduces its standing among the citizens of the country as well as international
partners. For example, the losses due to DoS and ransomware attacks include
reputation, which is not easy to regain, and this may take a toll on the BND for a long
time.

Espionage - The most important threat to the work of the BND is espionage, since it
may lead to leakage of classified data and affect the functioning of operations. Cyber
espionage, for instance, is a great danger to the BND since it can be employed to
siphon sensitive data, cause interference and gain an advantage.

How the attackers hacked the system by using vulnerabilities as tools.

• Attacks by Malware: Since there is no proper way of archiving the documents, this
becomes the attackers' delight. Attackers can introduce viruses into documents and
save them on a shared network. Thinking that they are safe, innocent employees
may download or open these documents, which may lead to the spread of the
malware and the loss of sensitive information.

• Insider threats: If access restrictions and password security are not properly
managed, then insiders with malicious intent might take advantage of their privileged
positions to steal important information. This data may be used for espionage, money
laundering, or personal interests.

• Phishing Attacks: Attackers might create phishing emails and spread them among
the BND employees. Such emails can carry infected attachments or links. Since no
training or development activities have been tracked, employees will not identify
these phishing emails as dangerous and may open phony content that enables
malware infection or unauthorized access.

• Attacks Using Ransomware: The shortcomings in the BND include no backup
servers, no incident response mechanisms, and weak password security, all of which
can be used by an attacker in ransomware attacks. Attackers could breach the
network, encrypt important information, and then exploit the organization's lack of
preparedness to demand a ransom for the keys. Data breaches, as well as significant
financial losses, could result from this. (Rapid7, 2023)

1.2.2 Understanding Cyber security matters considering the concerns listed above.

In a digitally connected world, it is security that is the biggest secret. With the
increased dependence on technology, the impact and the level of difficulty
of cyber security threats are increasing day by day. In view of this growing
threat, robust procedures are paramount in preventing leakage
of sensitive data and private information and in protecting critical infrastructure.
They also prevent losses through fraud, identity theft, and data breaches.
Cybersecurity plays a significant role in preserving national security and
ensuring that governments and organizations can continue performing their operations.
In this time of rapid technological advancement, cybersecurity is the necessary
defense against the potentially disastrous effects of cyberattacks on all people,
organizations, and nations.

• Protecting privacy: One of the major concerns for the BND is privacy
protection, as it handles sensitive information and personal data. To
maintain the data privacy of individuals and prevent unauthorized access to
personal data, the BND has focused on various measures and strategies.

• Managing Reputation Damage: An organization's reputation could be hurt
by an insider threat, supply chain attack, or data breach. Access control and
employee education initiatives are two of the cybersecurity strategies to be
adopted to thwart such attacks and preserve stakeholder confidence.

• Protecting Private Information: Ransomware, malware, and data breaches
are all becoming more frequent. These vulnerabilities put at risk
private and sensitive organizational information
such as financial data, intellectual property, and personal
information. Cybersecurity can keep this critical data safe from theft and
thereby avoid serious financial and reputational damage.

• Securing Internet of Things devices: IoT devices are
still vulnerable to DDoS attacks and botnets. Efficient cybersecurity ensures
personal data security and the integrity of IoT devices in both homes and
businesses.

1.2.4 The relationship between Cybercrime’s targeted nature and business and society’s
dependency on technology

Technology disrupts ways of living, working, and communicating; it has a huge
impact on business and society. Technology innovations drive business
process effectiveness, innovation, and globalization, which in turn enhance productivity,
speed, and competitiveness. As this affects how customers interact, it fosters
e-commerce, digital marketing, data-driven decisions, and go-to-market strategies. The
change which technology brings to society is immense; it alters the face of
communication, education, health, and entertainment, and it improves access to
information. Greater reliance on technology, however, exposes individuals and
institutions to the threat of cybercrime, hence a growing need for strategic
cybersecurity measures to protect personal data and assure the reliability of digital
operations.

Businesses’ reliance on technology

The German Foreign Intelligence Services case study has shown the way businesses
shape technology. Businesses in the cybersecurity and technology sectors are
important in determining the technology that intelligence agencies like the BND will
use in the future. These firms assist in the development and provision of advanced
cybersecurity, surveillance, and data protection solutions, which are very important in
intelligence operations. The collaboration between the BND and IT companies in
the corporate world fosters creativity and the continuous development of technological
instruments to gather intelligence. This is further manifested by the interaction below,
showing how business and technology go hand in glove, with business at the helm,
followed by technology, eventually affecting the effectiveness of any intelligence
operation.

1.2.5 Operational Efficiency, Cooperation, and Communication


Technology has really changed the ways in which business operations and communications
are carried out. Teams separated by distance can collaborate in real time
through tools that break down barriers, such as video conferencing and instant
messaging. Systems for work tracking, resource allocation, and project monitoring
are put into place to enhance coordination among different departments. In this way,
these technologies can also enable multinational partnerships and cross-functional
collaborations through a more flexible and connected workplace.

Technology-powered automation and data analytics are an essential cog in the
wheel of modern organizational operations. Automation means better precision and
simplification of processes, and it reduces manual labor. Data analytics enables
decision-making, resource allocation and inventory optimization by
drawing key insights from large amounts of data. Cost efficiency, effective
resource management, operational
These technological advancements increase the efficiency of doing business through
simplification.

1.2.6 Digital systems are thought of as “Targets” and “Tools”.

Targets
• Infrastructure: The BND relies on various digital systems, including
network protocols, servers, and data centers, to enable its operations.
Information distribution depends on these systems, as do the analysis and
storage of information. Intelligence work could be
damaged by a cyberattack that disrupts or destroys these systems.

• Counterintelligence: The BND must defend itself from attempts by foreign
intelligence agencies to infiltrate and influence its procedures. To prevent data
breaches and eavesdropping, cyber security measures are essential.

• Communication Techniques: Intelligence-gathering organizations need to
communicate securely. Hackers may attempt to break into, eavesdrop on, or
interfere with the communication channels of intelligence staff. Possible targets include
secure phone communications, secure email systems, and encrypted
messaging platforms.

• Workers: The identity and personal information of BND staff members may be
targeted by cybercriminals. This data could be used for several malevolent purposes,
such as extortion or forgery.

Tools

• Cyber Actions: Intelligence services occasionally develop offensive cyber capabilities to
defend the interests of the country or respond to threats. Cyberattacks on adversaries'
networks and aggressive, disruptive actions are examples of these capabilities.

• Looking into and Viewing: Digitally advanced techniques are employed by the BND to
conduct observation and examination of activities. This could involve snooping on
someone, following them, or watching what people do online. These instruments are
essential for gathering intelligence.

• Cyberspying: Intelligence services use cyberspying to obtain information from
foreign countries, individuals, or organizations. This could include the placement of
sophisticated software, abusing vulnerabilities, or breaking into computer networks.

• Cryptanalysis: The process by which intelligence services decipher coded
communications and gather intelligence from reliable sources using cutting-edge
cryptography techniques and supercomputing capabilities.

Activity 02
2.1. Describe security threats and hazards to a system or services process

A security threat can be explained as any act or process that has the potential to pose a
danger to an organization's personnel, data or archives. Security threats can be
physical threats to the company and its assets, products or services, or
they can be threats that involve hacking, malware or ransomware.

A cyber threat actor (CTA) is an entity or individual whose primary intent is aggression
with animosity or hostile behavior and that seeks to cause harm by utilizing computers,
devices, systems, or networks. Threat actors do not all possess similar capacity,
equipment, training, and support for their activities; they differ in terms of capacity
and efficiency. Systems, services and processes are threatened by security risks and
hazards that endanger their confidentiality, integrity or availability. These threats may
stem from diverse sources and are directed towards various aspects of the
computer-supported systems of an organization. (imperva.com, 2023/12/20)

Based on the analysis of BND website and systems, the following security threats and
hazards have been identified.

• Social engineering - Social engineering is a main threat to the BND system and
website. The exposure of the system to such attacks is evident from the recent hack
by a group known as "CLAY", who obtained the login details of a user through
social engineering.

• Malware and Ransomware - The BND system and website can be threatened by
malware and ransomware. Malware is a term used to describe software that is
designed to be malicious to a system, while ransomware is a subset of malware that
blackmails users before granting them access to their files again.

• DDoS - Denial-of-Service (DoS) attacks use a coordinated set of strategies
to increase the scale of the attack. A data breach is defined as the unlawful
acquisition or exposure of sensitive data, including credit card numbers, customer
lists, or intellectual property.

2.1.1. Password Cracking for Wi-Fi


Password cracking entails identifying the password that is used to encrypt a
wireless network. This can be done in various ways, and these are common methods
employed by hackers to penetrate a network without the required authorization. A
few common methods of password cracking are listed below.

1. Brute Force Attack: In a brute force attack, all the
possible character combinations are attempted in the hope of finding the password.
Although this method takes a long time, it is often used in conjunction with
other methods. Brute force attacks can be carried out with the help of certain
applications, namely Aircrack-ng or John the Ripper.

2. Network Sniffing: A network sniffer "sniffs", in other words captures, data
transmitted through the network to obtain information such as where the data is
coming from, which device it is coming from and the protocol it is using, among others.
These details can also be used by the network administrator to help improve the
network environment.

3. Social engineering: Manipulating the human psyche is what social engineering is all
about. This method allows people to get into buildings and systems and obtain
information without using any technological hacking techniques. A social engineer,
for instance, could call an employee pretending to be a person from IT support and
ask them to divulge their password instead of looking for weaknesses in the software.

Inside Threats
• Malicious actions or carelessness on the part of employees at a company who
are authorized to access vital systems or data.

Ransomware attacks

Suggestion:

• Employee Education and Awareness: Educate employees in the safest
computing practices, such as avoiding suspicious emails and
downloads and using complicated passwords.

• Updates and Patches: Install and update software regularly so that no known
vulnerabilities can be exploited.

• Email cleaning: Use filtering to prevent harmful attachments from entering the
inbox.

Malware Attacks

Suggestion:

• Implement a Strong Firewall: Configure a robust firewall to block
suspicious traffic and prevent malware from gaining access to the
network.

• Keep Software Up to Date: Regularly update and patch software to prevent
exploitation of known vulnerabilities.

• Use Anti-virus Software: Maintain up-to-date antivirus software plans.


DDOS Attacks

Suggestion:

• Content Delivery Network (CDN): Implement a Content Delivery Network,
or CDN. A CDN is essentially a widely distributed network of servers designed to make
content available to users from nearby locations, reducing latency and
generally improving user experience. With their ability to cache content at edge locations,
CDNs can manage massive volumes of traffic with minimal or no risk of server
overload, ensuring content is always available to users. In addition, a CDN can add
more security by filtering traffic and blocking malicious requests, which makes
a DDoS attack difficult or impossible for the attacker to carry out successfully.

• Use a Web Application Firewall: A WAF is a collection of security mechanisms
that intercept and stop attacks against the web application, such as SQL injection,
cross-site scripting, and CSRF
attacks. The German Foreign Intelligence Services can therefore shield their web
applications from malicious traffic using a WAF, minimizing the opportunities for data
breaches and unauthorized access. It can detect and prevent such attacks in real time.
The WAF acts as an additional layer of security between the internet and the
web application.

• Load balancing: Distribute traffic among multiple servers to reduce the impact of an
assault. (cloudflare, 2023)

Password Cracking Wi-Fi

Suggestion:

• Setting up unique passwords for each program is a great way to improve overall
security, and regularly updating them will keep your defenses against both internal
and external attacks strong.

2.2. Investigate common attack techniques and recommend how to defend against them.

In this paper, I have performed various analyses of common attack techniques that
might have been used by the hacker group "CLAY" in breaching this website.

2.2.1. All the above-mentioned attacks can benefit from the following advice.
Web Application Firewall (WAF)

Web Application Firewalls (WAFs) are among the important security measures that help
protect the BND website from common web attacks. WAFs are network-based and serve to
filter incoming website traffic that may be malicious. The tool can detect and prevent
attacks such as SQL Injection, Cross-Site Scripting, and Cross-Site Request Forgery, among
others. By applying a web application firewall, GFIS can reduce the chances of the website
being compromised by web-based attacks and ensure the confidentiality, integrity, and
availability of information assets. (CloudFlare, 2023)

Figure 3 Web Application FireWall


A WAF can be configured to detect and prevent specific types of attacks:

• SQL injection attacks, which have the potential to reveal and compromise the database.
• XSS attacks, which can steal user credentials or inject malware.
• CSRF attacks, which force users to perform actions that they do not intend to do.
• Malicious file uploads, which can compromise the security of the website.

By using a WAF, the BND can also benefit from:

• An improved security posture that provides real-time protection against known and
unknown threats.
• Reduced risk of data breaches and cyber-security incidents.
• Compliance with relevant regulatory requirements, including but not limited to PCI-DSS
and GDPR.
• Better visibility of website traffic through detailed logging and analytics.

DDoS Protection

Considering the above, effective DDoS protection for the BND website is critical
in ensuring its availability and security. A DDoS attack targeted at the BND website
would cause debilitating losses: disruption of critical operations, compromise of
information, and erosion of public trust. To minimize these risks, the BND has been able to
install advanced DDoS protection measures: traffic filtering, rate limiting, and IP blocking,
mechanisms that monitor for potential attacks in real time and respond quickly.
Further, the BND has been cooperating with domestic authorities on threat intelligence
sharing in relation to DDoS attacks, coordinating their respective responses in order to
defend effectively against this type of threat. (cloudflare, 2023)
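
The rate limiting and IP blocking named above can be sketched as follows. This is an added example, not code from the assignment or from any BND system: a per-client token bucket that temporarily blocks a source after repeated violations. The limits, the block duration and the documentation-range IP addresses are assumptions, and the traffic is constructed.

```python
from collections import Counter
from dataclasses import dataclass

COST = 1000  # one request costs 1000 milli-tokens; integer maths avoids float drift


@dataclass
class Bucket:
    tokens: int                # milli-tokens currently available
    last_ms: int               # time of the last refill
    strikes: int = 0           # rejected requests since the last block
    blocked_until_ms: int = 0  # source is dropped outright until this time


class RateLimiter:
    """Per-source token bucket; sources that keep exceeding it are blocked for a while."""

    def __init__(self, rate_per_s=5, burst=10, max_strikes=20, block_ms=60_000):
        self.rate = rate_per_s            # tokens/second == milli-tokens/millisecond
        self.capacity = burst * COST
        self.max_strikes = max_strikes
        self.block_ms = block_ms
        self.buckets = {}

    def check(self, ip, now_ms):
        """Return 'allow', 'limited' (rejected) or 'blocked' (source is banned)."""
        b = self.buckets.setdefault(ip, Bucket(self.capacity, now_ms))
        if now_ms < b.blocked_until_ms:
            return "blocked"
        # Refill in proportion to elapsed time, never above the burst capacity.
        b.tokens = min(self.capacity, b.tokens + (now_ms - b.last_ms) * self.rate)
        b.last_ms = now_ms
        if b.tokens >= COST:
            b.tokens -= COST
            return "allow"
        b.strikes += 1
        if b.strikes >= self.max_strikes:
            b.blocked_until_ms = now_ms + self.block_ms
            b.strikes = 0
            return "blocked"
        return "limited"


def constructed_traffic():
    """Constructed sample: one ordinary client and one flooding source."""
    normal = [(t * 1000, "192.0.2.10") for t in range(30)]   # 1 request/s for 30 s
    flood = [(i * 10, "198.51.100.7") for i in range(500)]   # 100 requests/s for 5 s
    return sorted(normal + flood)


def replay(events, limiter):
    """Feed (time_ms, ip) events through the limiter and count decisions per source."""
    counts = {}
    for now_ms, ip in events:
        counts.setdefault(ip, Counter())[limiter.check(ip, now_ms)] += 1
    return counts


if __name__ == "__main__":
    for ip, decisions in replay(constructed_traffic(), RateLimiter()).items():
        print(ip, dict(decisions))
```

The ordinary client is never slowed down, while the flooding source is first rate limited and then blocked; the block expires on its own, so a wrongly blocked source recovers without manual action.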

Cloud Security

Cloud security is among the paramount concerns for any organization moving to the cloud;
it protects sensitive data and applications from a slew of threats and vulnerabilities. A
good strategy for cloud security requires people, processes, and technology working
together to ensure the confidentiality, integrity, and availability of cloud-based
resources. This includes, but is not limited to, enforcing strong IAM policies, encryption
of data at rest and in transit, regular security audits, and penetration testing for
vulnerability detection and exploitation.

Figure 4 Cloud Security

Organizations should also take up CSPM approaches to gain visibility into cloud security
configurations and use cloud security gateways and CASBs to extend security controls into
cloud-based applications and services. This layered cloud security approach can help
organizations mitigate the chances of cloud-based threats and adopt cloud
computing securely. (kaspersky.com, 2020/05/13)

Backing up data

Backing up data is one of the most important aspects of data management,
ensuring business continuity with minimum data loss in the event of hardware failure,
software corruption, or cyber-attacks. A robust data backup strategy involves
creating multiple copies of data at different locations to ensure integrity and
availability. One example is the 3-2-1 backup strategy: three copies of data on two types
of media, with one offsite.

Figure 5 Data BackUp

Besides that, an organization can use cloud-based backup services. This is a resource
which can easily be scaled up or down, allowing flexibility and cost-effectiveness.
Regular testing and verification of backups are also very important to provide assurance
that data will be recovered in case of a disaster. If an organization
adopts a proper data backup strategy, it ensures that there is no loss or unavailability
of its data.
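
The 3-2-1 rule and the backup verification described above can be checked together. The following is an added example, not part of the original assignment: it audits a backup set and counts a copy only if its restore test matches the reference digest. The copy names, media labels and record contents are constructed, and treating the production volume as one of the three copies is an assumption.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class BackupCopy:
    name: str
    media: str      # storage technology, e.g. "disk", "tape", "object-storage"
    offsite: bool   # True if the copy is held at a different physical site
    data: bytes     # stands in for the bytes read back during a restore test


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def audit_3_2_1(reference_digest: str, copies: list) -> list:
    """Return a list of finding codes; an empty list means the backup set passes."""
    findings = []
    verified = []
    for copy in copies:
        if digest(copy.data) == reference_digest:
            verified.append(copy)
        else:
            findings.append(f"RESTORE_FAILED:{copy.name}")
    # Only copies that restored correctly count towards the rule.
    if len(verified) < 3:
        findings.append("FEWER_THAN_3_COPIES")
    if len({c.media for c in verified}) < 2:
        findings.append("FEWER_THAN_2_MEDIA")
    if not any(c.offsite for c in verified):
        findings.append("NO_OFFSITE_COPY")
    return findings


# Constructed sample data (not real records).
RECORDS = b"case-file-0001;case-file-0002;case-file-0003\n"
REFERENCE = digest(RECORDS)

HEALTHY = [
    BackupCopy("production-volume", "disk", False, RECORDS),
    BackupCopy("local-tape", "tape", False, RECORDS),
    BackupCopy("remote-site", "object-storage", True, RECORDS),
]
# Same layout, but the offsite copy has silently lost its last bytes.
CORRUPT_OFFSITE = HEALTHY[:2] + [
    BackupCopy("remote-site", "object-storage", True, RECORDS[:-10]),
]
# Three good copies, but all on one medium in one building.
SAME_ROOM = [BackupCopy(f"nas-{i}", "disk", False, RECORDS) for i in range(3)]

if __name__ == "__main__":
    for label, copies in [("healthy", HEALTHY),
                          ("corrupt offsite", CORRUPT_OFFSITE),
                          ("same room", SAME_ROOM)]:
        print(label, audit_3_2_1(REFERENCE, copies) or "OK")
```

The second set shows why verification matters: on paper it satisfies 3-2-1, but once the corrupted offsite copy is discounted there are only two usable copies and none offsite.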

2.2.2. Assess the role of threat intelligence when defending against common attack
techniques.
Thorough threat intelligence plays a vital role in protecting
against typical attack approaches because it provides an evidence-based body of knowledge
about the attackers' inclinations, intentions, and courses of action. It makes it possible
to prevent such attacks and to minimize the chances of a successful intrusion by hackers.
Threat intelligence supports several practices and utilization models including
vulnerability management, risk management, incident handling and overall security
operations. It brings into an organization
accurate STT to identify the attackers, their goals and objectives, unveil the APT and assist
cybersecurity specialists to comprehend the actions and choices of the threat actors.

1. Prompt caution and investigation:

Sources of threat intelligence encompass security feeds, legal and other documents
made available by the industry, and the media. They give initial indications of new attack
moves, malware strains, and vulnerabilities. This allows organizations to adjust their
defensive controls and detection tools as needed. Through awareness of new
threats in the network, organizations can more easily monitor for and detect elaborate
attacks as they develop, reducing the possible loss and damage to their procedures and
data.

2. Examine Attack Strategies

Threat intelligence contains detailed information on how the different tactics, techniques,
and procedures (TTPs) which cybercriminals employ work. An organization's management
will be able to understand the environment within which it operates. Knowing the relevant
attack methods makes it possible for managers to develop strategies to counter new
dangers. It becomes easier for them to create more realistic security strategies, establish
access control and improve the techniques used to detect intrusions.

3. Handling Vulnerabilities

Threat intelligence can be used to discover new vulnerabilities, as well as information on how exploitable these vulnerabilities are in practice. This information helps the organization decide the order in which to apply repairs. Exploitation can be avoided by an organization that directs its remediation effort at the most vital points of its attack surface.

4. Reaction to and modification of incident:

Threat intelligence is very useful for incident response teams because it helps them determine the scope and scale of an attack. It describes the ways and means the attackers adopt and the signs that indicate they have compromised an organization. These include the so-called indicators of compromise (IOCs), which contribute to the analysis and handling of incidents. Matched to the threat level, effective incident response can reduce the impact of an attack and stop further compromise. It also speeds up the process by which organizations absorb the lessons of the event and return to their earlier state of security.

5. Threat Actor Recognition:

From advanced threat intelligence, one can infer the identity and motivation of threat actors. It can be useful for organizations to adapt their defensive strategy to the targets and affiliations of the attackers. This attribution data can make a world of difference to management, who are then able to know whether they are up against state actors, hackers, cyber criminals or insiders. Situational understanding is achieved, and ways of handling any situation are formulated with this knowledge in mind.

In fact, threat intelligence can be considered a fundamental part of effective cyber security. It enables BND to remain ahead of typical attack approaches by supplying proper, relevant information. By leveraging relevant threat intelligence, BND can enhance its threat detection and response capabilities, reduce vulnerabilities and develop more effective protection strategies to shield its processes and information.
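An added example (not part of the original assignment) of how IOCs from a threat-intelligence feed help an incident response team determine the scope of an attack, as point 4 describes: it matches a feed against log lines and groups affected hosts by threat actor. The feed, logs, host names and actor labels are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed feed (placeholder values). Feeds often "defang" indicators: hxxp, [.]
FEED = [
    {"ioc": "203.0.113[.]45", "actor": "ACTOR-A", "ttp": "C2 over HTTPS"},
    {"ioc": "hxxp://update.bad-domain[.]example/", "actor": "ACTOR-A", "ttp": "Phishing link"},
    {"ioc": "A" * 64, "actor": "ACTOR-B", "ttp": "Ransomware payload"},  # SHA-256 placeholder
]

# Constructed log lines: timestamp, host, then free-form event text.
LOGS = [
    "2024-09-25T10:01:02Z ws-014 proxy GET https://update.bad-domain.example/a.js 200",
    "2024-09-25T10:01:09Z ws-014 fw ALLOW tcp 10.0.4.14 -> 203.0.113.45:443",
    "2024-09-25T10:02:30Z ws-022 fw ALLOW tcp 10.0.4.22 -> 198.51.100.7:443",
    "2024-09-25T10:05:11Z srv-03 edr file_write sha256=" + "a" * 64,
    "2024-09-25T10:06:00Z ws-031 dns query myupdate.bad-domain.example A",
]

def refang(value):
    """Normalise a defanged indicator to the form that appears in logs."""
    value = value.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    value = re.sub(r"^https?://", "", value)   # URL-style IOC: keep the host only
    return value.split("/")[0]

def build_index(feed):
    return {refang(entry["ioc"]): entry for entry in feed}

# One token per SHA-256 hash, IPv4 address or hostname found in the event text.
TOKEN = re.compile(r"[a-f0-9]{64}|(?:\d{1,3}\.){3}\d{1,3}|(?:[a-z0-9-]+\.)+[a-z]{2,}")

def match_logs(logs, index):
    """Return {host: [(timestamp, ioc, actor, ttp), ...]} for exact IOC hits."""
    hits = defaultdict(list)
    for line in logs:
        ts, host, event = line.split(" ", 2)
        for token in set(TOKEN.findall(event.lower())):
            entry = index.get(token)   # exact match: myupdate.bad-domain.example is no hit
            if entry:
                hits[host].append((ts, token, entry["actor"], entry["ttp"]))
    return dict(hits)

def scope(hits):
    """Summarise the spread of the incident: affected hosts per threat actor."""
    actors = defaultdict(set)
    for host, rows in hits.items():
        for _, _, actor, _ in rows:
            actors[actor].add(host)
    return {actor: sorted(hosts) for actor, hosts in actors.items()}
```
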

A person who participates in a hostile or malicious activity is referred to as a cyber threat actor (CTA). Computers, like any other electronic device, can be used for this. CTAs can be classified by their affiliations and motivations.
Activity 03

Figure 6 Information Assurance Concept


Figure 7 Concept
Figure 8 Vulnerabilities in ICT

Figure 9 Information Assurance


Activity 04
4.1. Describing Security standards, regulations, and their consequences in sectors of an
organization

Figure 10 Company recovery Plan


Figure 11 Part of the BND

Figure 12 Analyzation
Figure 13 Analyzation and information collection

Figure 14 Security Measures


Figure 15 Information Collection

Figure 16 Creative research and technology


Figure 17 Security Measures

Figure 18 Security Measures


Figure 19 IT Support

Figure 20 IT Support
Figure 21 Safety Procedures

Figure 22 Reasons to discuss these


4.2 Examining how criminal and other laws work to prevent cybercrime

Any illegal action that can be performed using a computer, device, or network is termed cybercrime.

The three subcategories are as follows:

1. Computer-oriented crimes.
2. Crimes in which the computer is targeted.
3. Crimes in which the criminal incidentally uses a computer without being directly involved in the crime.
Technology plays a major role in business and society, and its application is widespread. Applications range from email correspondence, financial transactions, and networking to collaborative work documents and international forms of communication. Criminal law, as well as other laws, has great significance in preventing cybercrime in this digital era. Cybercrimes are crimes that involve illegal activities using digital technologies and computer systems. These laws help prevent cybercrime in several ways. The first is that criminal law defines what constitutes cybercrime. It sets out crimes based on cyber activities such as online fraud, identity theft, and hacking, among others. Because the laws explain what amounts to a cybercrime, they give law enforcement agencies a basis on which to investigate and act. Cybercrime laws set expectations for the public, private and governmental sectors in how computers, the Internet, and other digital technologies are used. Cybercrime law also covers evidence, criminal procedure and other aspects of criminal justice in cyberspace, as well as precautions against cybercrime that may harm individuals, organizations, and infrastructure. Thus, substantive, procedural, and preventive laws make up this area of law on cybercrime. (Department, 2024/08/30)

1. Common law: These legal systems derive their laws from established practice and legal precedent, that is, a decision in a case that is subsequently binding on that court and subordinate courts. Laws that arise from court rulings or legal precedents are regulated distinctly and are referred to as case law. (Department, 2024/08/30)

2. Civil law: These legal systems have laws or statutes that are codified, consolidated, and comprehensive on basic rights, duties, tasks, and patterns of behavior. The basic units of these judicial systems are their own constitutions and laws. (Department, 2024/08/30)

3. Customary law: Refers to accepted and established behavioral norms which people of the same culture consider to be the law (opinio juris). In international law, customary law provides the code on how states relate and the practices involved in those relations, and it is legally binding on all states. (Department, 2024/08/30)

4. Religious law: Refers to laws inspired by religion, or which set religious texts as a source of authority and guidance in law.

5. Legal pluralism: This kind of judicial system may contain two or more of these legal systems, including common, civil, customary, and religious law.
4.2.1 Research the different types of countermeasures that have been implemented
owing to cyber security risks and compare the countermeasures taken by an alternative
organization.
The many kinds of responses that have been used over time to counter cyber security threats.
This section develops the analysis of the research at both quantitative and qualitative levels. The poll was sent to a company that applies intelligent technologies to maintain security compliance while offering clinicians easy access to workstations, making workflow easier. The results of the survey are as follows:
How familiar are you with cybersecurity threats?
15 responses

Figure 23 Responses (pie chart; options: Very Familiar, Somewhat Familiar, Basic Familiarity, Not Familiar at All; slice values, in no particular order: 13%, 33%, 27%, 27%)
How quickly do you respond to cyber security threats?
15 responses

Figure 24 Response (pie chart; options: Immediately upon detection, Within a few hours, Within 24 hours, Within 48 hours, More than 48 hours; slice values, in no particular order: 20%, 27%, 13%, 7%, 33%)
How capable are you of developing a comprehensive response strategy to cyber security threats?
15 responses

Figure 25 Responses (pie chart; options: Very Capable, Capable, Somewhat Capable, Limited Capability, Not Capable; slice values, in no particular order: 33%, 47%, 7%, 13%)
Do you have any training in responding to cyber security threats?
15 responses

Figure 26 Responses (pie chart; options: Yes, Somewhat, No; slice values, in no particular order: 20%, 47%, 33%)
How often does your organization require its employees to change their password?
15 responses

Figure 27 Responses (pie chart; options: Every 1 month, Every 2 months, Every 3 months, Every 6 months, Once a year, We don't have a password change policy (Never); slice values, in no particular order: 7%, 7%, 13%, 20%, 20%, 33%)
How is the security of your online account maintained?
15 responses

Figure 28 Responses (pie chart; options: Two-Factor Authentication, Strong/Unique Passwords, Regular Monitoring, Use Up-to-date Antivirus; slice values, in no particular order: 7%, 40%, 33%, 20%)
What specific cyber security concerns have you found to be more pressing than others?
15 responses

Figure 29 Responses (pie chart; options: Yes, No; slice values, in no particular order: 20%, 80%)
If the answer to the above is yes, list the specific cyber security threats that require additional focus.
12 responses

Figure 30 Responses (pie chart; options: Advanced Persistent Threats (APTs), Ransomware Attack, Phishing and Spear Phishing, Insider Threats, Zero-Day Vulnerabilities; slice values, in no particular order: 17%, 17%, 8%, 25%, 33%)

• From the first chart, 26% are "Somewhat Familiar" or have "Basic Familiarity," while 33% of those surveyed were "Very Familiar" with cybersecurity issues.

• As the second chart indicates, twenty-six percent of respondents answer "Immediately upon detection," and thirty-three percent of respondents answer "Within a few hours" in response to cybersecurity risks.

• The third chart shows that thirty-three percent of respondents have a "Limited Capability", while a total of 46 percent of respondents feel "Very Capable" of creating a thorough response strategy to cybersecurity threats.

• The pie chart indicates that, out of the total number of respondents, 20% have training, 33.3% have some training, while 46% have no training at all in responding to cyber security risks.

• The pie chart reveals that the most frequent option, chosen by thirty-three percent of the respondents, is being obliged to change passwords every three months.

• The pie chart reveals that 40 percent of the respondents secure their online accounts using strong or unique passwords, while thirty-three percent use two-factor authentication, twenty percent monitor their accounts on a regular basis, and the smallest percentage use up-to-date antivirus software.

• The pie chart reveals that 80% of respondents believe some cybersecurity threats are more pressing than others, while twenty percent disagree.

• In the pie chart, ransomware attacks stand as the number one cybersecurity threat at thirty-three percent, followed by phishing and spear phishing attacks at twenty-five percent; insider threats and advanced persistent threats take sixteen percent, and zero-day vulnerabilities take eight percent.

As such, even though this company is not fully secured against all types of cybersecurity threats, the figures and information collated above show that it is indeed striving to improve its level of cybersecurity.
Link For Presentation - Cyber Security.rar

References
Blog, C., n.d. CyberTalents Blog. [Online]
Available at: https://cybertalents.com/blog/cyber-crime-investigation
[Accessed 18 09 2024].

cloudflare, 2023. cloudflare. [Online]
Available at: https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
[Accessed 25 09 2024].

cloudflare, 2023. cloudflare. [Online]
Available at: https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
[Accessed 27 09 2024].

cloudflare, 2023. cloudflare. [Online]
Available at: https://www.cloudflare.com/learning/ddos/ddos-mitigation/
[Accessed 27 09 2024].

CloudFlare, 2023. CloudFlare. [Online]
Available at: https://www.cloudflare.com/learning/ddos/glossary/web-application-firewall-waf/
[Accessed 27 09 2024].

cyber.gov.au, 2024. cyber. [Online]
Available at: https://www.cyber.gov.au/threats/types-threats/ransomware
[Accessed 26 09 2024].

cybertalents, 2024. cybertalents. [Online]
Available at: https://cybertalents.com/blog/what-is-cyber-crime-types-examples-and-prevention
[Accessed 16 09 2024].

Department, A.-G., 2024/08/30. ag.gov. [Online]
Available at: https://www.ag.gov.au/crime/cybercrime
[Accessed 28 09 2024].

imperva.com, 2023/12/20. imperva.com. [Online]
Available at: https://www.imperva.com/learn/application-security/cyber-security-threats/
[Accessed 27 09 2024].

imperva, 2023/12/20. imperva. [Online]
Available at: https://www.imperva.com/learn/application-security/website-defacement-attack/
[Accessed 25 09 2024].

kala, M., 2023 june 30. SCIRP. [Online]
Available at: https://www.scirp.org/journal/paperinformation?paperid=126109
[Accessed 27 09 2024].

kaspersky.com, 2020/05/13. kaspersky.com. [Online]
Available at: https://www.kaspersky.com/resource-center/definitions/what-is-cloud-security
[Accessed 28 09 2024].

Kaspersky, November 06, 2019. What is Cybercrime and How to Protect Yourself?. [Online]
Available at: https://www.kaspersky.com/resource-center/threats/what-is-cybercrime
[Accessed 26 09 2024].

Rapid7, 2023. rapid7.com. [Online]
Available at: https://www.rapid7.com/fundamentals/types-of-attacks/
[Accessed 26 09 2024].

SOPHOS, 2024/10/17. SOPHOS. [Online]
Available at: https://www.sophos.com/en-us/cybersecurity-explained/threat-actors#:~:text=A%20threat%20actor%20is%20defined,targets%20an%20organization's%20IT%20security.
[Accessed 18 10 2024].

Tunggal, A. T., 2024/09/16. UpGuard. [Online]
Available at: https://www.upguard.com/blog/cyber-threat#:~:text=A%20cyber%20or%20cybersecurity%20threat,attacks%2C%20and%20other%20attack%20vectors.
[Accessed 17 09 2024].

Grading Rubric

Grading Criteria Achieved Feedback

LO1 Explore the nature of cybercrime and cyber threat actors

P1 Review types of malicious and/or criminal cyber activity.

P2 Investigate the potential targets of cybercrime

M1 Analyse the concept of digital systems as ‘targets’ and ‘tools’ as related to cyber security, giving real-world examples

LO2 Investigate cyber security threats and hazards

P3 Describe security threats and hazards to a system or service or process

P4 Investigate common attack techniques and recommend how to defend against them.

M2 Assess the role of threat intelligence when defending against common attack techniques

D1 Evaluate types of malicious cyber activity and the action that can be taken to neutralise cyber threat actors.

LO3 Examine the effectiveness of information assurance concepts applied to ICT infrastructure

P5 Explore how information assurance concepts can mitigate threats and vulnerabilities in ICT infrastructure, giving example

M3 Assess how information assurance could enhance the cyber resilience of ICT infrastructure.

LO4 Investigate incident response methods to cyber security threats

P6 Describe security standards, regulations and their consequences across at least two sectors

P7 Investigate the types of response that have been implemented in response to cyber security threats.

M4 Analyse the role of criminal and other law in deterring cybercrime.

D2 Evaluate the responses that have been implemented by different organisations in response to cyber security threats.
