Question:
Provide references to your work (i.e. IEEE).

Question

Read the passage and answer the questions that follow:

A ransomware gang calling itself "Snatch" - after the iconic Guy Ritchie film released in 2000 - has claimed responsibility for exfiltrating 200 terabytes of data from the South African Department of Defence (DOD). The group has apparently posted only a fraction of the data it stole online, releasing a 499GB compressed archive that it says extracts to around 1.6TB of data. A security researcher who spoke to MyBroadband on condition of anonymity confirmed that the leak appeared legitimate. They said the data came from the DOD, not an affiliated company like Armscor or Denel.

In addition to leaking DOD data, Snatch also posted the contact information of several senior government officials online - including phone numbers it says belong to Cyril Ramaphosa. Checking the list of eight cellphone numbers against Truecaller's database revealed that two could belong to South Africa's sitting president.

According to cybersecurity company Sophos, Snatch uses an attack model where they penetrate enterprise networks via automated brute-force attacks against exposed services, then leverage that foothold to spread internally within the target organisation's network through human-directed action. Their malware reboots Windows machines into Safe Mode before encrypting the data they wish to hold ransom. "The attackers may be using this technique to circumvent endpoint protection, which often won't run in Safe Mode," Sophos said. When it discovered this attack vector in 2019, Sophos quickly raised the alarm as the severity of ransomware that runs in Safe Mode was a significant threat. In addition to the novel modus operandi, Sophos also found from recruitment posts that Snatch only accepted Russian speakers into the gang.

Interestingly, the Russian-language gang chose the week of the BRICS Summit, which is being hosted in South Africa, to release the data it exfiltrated from the DOD. According to Snatch itself, this was no coincidence. "The project is a year old, about 200TB of data was extracted during the year," it said in a post online.

[Screenshot from the Snatch ransomware group's website about data it stole from the South African Department of Defence]

Snatch said it specifically chose the week of the BRICS summit to release the data. It then used the opportunity to spread its message that South Africa is laundering arms for the United States and money for corporations. They also accused Ramaphosa of being "the main arms baron of the black continent or the main gasket for laundering arms contracts in the USA." Additionally, the attackers said, "The BRICS summit for Africa is just a screen issued by the white masters from a country with a constantly stumbling president."

Snatch's statement revealed a relatively poor grasp of geopolitics and South Africa's domestic politics. Ramaphosa's government has been routinely criticised for its unaligned stance on Russia's invasion of Ukraine. Political analysts have warned that South Africa stands to be excluded from the United States African Growth and Opportunity Act (AGOA), losing out on billions in exports. Former World Bank president David Malpass warned South Africa was playing with fire by trying to play countries against one another, which could hurt the country's relationship with the US. US ambassador to South Africa, Reuben Brigety, accused South Africa of supplying weapons and ammunition to Russia earlier this year. This was after the Russian cargo ship Lady R controversially docked at the Simon's Town naval base to offload weapons South Africa had ordered before the Covid-19 pandemic. The South African government maintains that Lady R returned to Russia empty. Defence minister Thandi Modise infamously said, "We did not send fokol to Russia, not even a piece of Chappies [bubble gum]."

In addition to their claims that South Africa was in bed with the United States, Snatch also said their website has faced constant denial-of-service attacks since posting the South African DOD leak. "The folks from the Ministry of Defense (or their American curators) really do not want this information to pop up at the summit's eve so... We have not seen such a powerful attack on our resources even from the French side," they said, referring to previous leaks. "This is not surprising at all - when people launder billions of dollars on state contracts and feed international corporations, they are surely ready to spend a couple of extra million dollars to destroy our source of information."

Several days later, the group said it was beginning to feel respect for Africa. "Neither the Americans nor the Europeans could afford to spend such resources to attack our project," they claimed. "Representatives of South Africa have been doing this for the third day in a row, and, judging by the level of the attack, it costs somewhere between 150k-200k dollars [R2.8-R3.7 million] a day. But frankly speaking, they would rather spend this money on their network infrastructure and security."

MyBroadband contacted the Department of Defence for comment. It did not respond by publication.

Following media reports about the data breach, the attackers have stated that they are not the "Snatch" ransomware gang. "We have nothing to do with the Snatch ransomware project that appeared in 2019 and existed for about 2 years," they claim. "We are the Security Notification Attachment (SNAtch for short) Team, a group specializing exclusively in leaked sensitive data." The group said it does not deal in ransomware. "We don't aim to stop a company (or critical infrastructure) from operating by attacking it with software that blocks the control servers," Snatch stated.
"If journalists analyze our work carefully, they will see that not a single client of ours has been attacked by a malware that can be called Snatch," they said. "Yes, many of them have been attacked by various ransomware, as we are open for cooperation and often groups that work in this direction give us unique confidential data that were leaked from the attacked companies. But once again, the Snatch locker that we are compared to in the media has never been used

PROJECT

1. What are the common vulnerabilities and attack types that you know?
2. What are some risk and security assessments the Department of Defence should undertake?
3. In terms of risk response, what would you advise the Department of Defence to do?
4. Every organisation must plan and outline security policies; in the document, the incident response must be clearly defined. Use the six stages of incident response to help the Department of Defence handle the situation above.
5. List prevention methods that the department should think of when implementing their systems.
6. Would a firewall help in this case? Explain your understanding of a firewall in reference to the case above.
7. What are your views on detection systems? Do you think they will help in making sure that the Department of Defence systems are secure?
8. Explain the CIA Triad.
9. Briefly explain some of the encryption technologies.
10. Do research on a tool known as Pegasus spyware and share your views on this tool. Do you think governments should be allowed to use such tools? In South Africa, how will this contradict the POPI Act?
Expert Answer:
Common vulnerabilities and attack types

Vulnerabilities: weak passwords, unpatched software, misconfigured systems, lack of user awareness, social engineering

Attack types: phishing attacks, malware infectio...
Related Book For
Modern Systems Analysis And Design
ISBN: 9780134204925
8th Edition
Authors: Joseph Valacich, Joey George