CSE1ICB Introduction to Cybersecurity
Assignment 2: Data Breaches – Threat Assessment

Instructions

• Please submit via CSE1ICB LMS page Assignment submission section.

• This assignment is due on Sunday 15th Oct 2023 before 11.59 pm.

• Evaluation: 20 marks (= 20% of your final grade) + 2 marks bonus (part 2)

• You must submit your assignment only as a PDF file for Part 1 and Packet Tracer file (.pkt) for Part 2.

• Please write your full name and student number on the top of the first page.

Part 1:

Section 1: Examining Data Breaches (10 Marks)

A data breach occurs when data is stolen or shared by an unauthorised person or third party. Cyber criminals around the world can take advantage of massive company breaches to steal your money, identity, and other valuable information. Data breaches are among the most impactful security incidents that occur each year, not only for small businesses and organisations but also for famous companies and government sectors.

Use the link below to explore some of the biggest data breaches that occurred between 2020 and 2022. You can scroll down on the website to explore data breaches at various large and small companies all over the world. The size of each bubble indicates the impact and the number of people affected. You can click “Read a bit more” to see the original report.

Select only two data breaches that occurred between 2020 and 2022 and write a short report about the data breaches that includes the following points.

1. Identify the victims and impacts of damage.

2. Identify the method of the leak, or explain how the data was stolen or revealed (find the weakness).

3. Which security control or mechanism could have prevented the leak?

Reference: World's Biggest Data Breaches
Link: https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks


You should use between 300 and 700 words in total to answer these questions.

Section 2: Threat Assessment (10 Marks)

The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This database is one of the most well-known vulnerability repositories. It provides useful information about current vulnerabilities and quantifies them using important metrics such as base score, exploitability, impact, and so on.

The NVD vulnerability search engine: https://web.nvd.nist.gov/view/vuln/search

Understanding the importance of threat and risk assessment, a small business wants to strengthen its security posture by analysing the vulnerabilities and threats in its network (shown in Figure 1) to assess the risks involved. After the risk assessment, the company will decide whether to accept, avoid, or mitigate the risk.

The company’s network has three subnets: i) Staff subnet, ii) Finance subnet, and iii) HR subnet. At least one host in each subnet is connected to the internet and can be the entry point of cyber-attacks. Only PC0 in the Staff subnet, PC4 in the Finance subnet, and Server0 in the HR subnet are given public IPs and are connected to the internet.

The company purchases the Nessus vulnerability scanner tool to scan its subnets and hosts for possible vulnerabilities. The Nessus results, covering only the hosts that are connected to the internet, are reported in Table 1 below:

Table 1

| Host | Vulnerability discovered | Description of vulnerability | CVSS exploitability score | CVSS Impact score |
|---|---|---|---|---|
| PC0 | CVE-2023-21674 | | | |
| PC4 | CVE-2016-7855 | | | |
| Server0 | CVE-2010-1428 | | | |

Step 1: Complete the above table (Table 1) by searching for each vulnerability on the NVD vulnerability search website.

Step 2: The risk assessment team suggests the following formula to compute the risk for each host:

Risk = Likelihood * Impact

• Likelihood (probability of attack success): this is the exploitability metric from Table 1 for each vulnerability, divided by 10. For example, if exploitability is 8.6, the likelihood is 8.6 / 10 = 0.86.
• Impact: this is the Impact metric from Table 1 for each vulnerability.

Complete Table 2 by assessing the risk for each host listed in Table 2 (based on the above formula).

Table 2

| Hosts | Likelihood (Exploitability / 10) | Impact | Risk | Rank Severity based on the Risk (Priority of patching Vulnerabilities), Rank 1 (top) – 3 (low) |
|---|---|---|---|---|
| PC0 | | | | |
| PC4 | | | | |
| Server | | | | |
2023-10-14