Question: Provide references to your work.

Read the passage and answer the questions that follow:

A ransomware gang calling itself "Snatch" - after the iconic Guy Ritchie film released in 2000 - has claimed responsibility for exfiltrating 200 terabytes of data from the South African Department of Defence (DOD). The group has apparently posted only a fraction of the data it stole online, releasing a 499GB compressed archive that it says extracts to around 1.6TB of data. A security researcher who spoke to MyBroadband on condition of anonymity confirmed that the leak appeared legitimate. They said the data came from the DOD, not an affiliated company like Armscor or Denel.

In addition to leaking DOD data, Snatch also posted the contact information of several senior government officials online - including phone numbers it says belong to Cyril Ramaphosa. Checking the list of eight cellphone numbers against Truecaller's database revealed that two could belong to South Africa's sitting president.

According to cybersecurity company Sophos, Snatch uses an attack model where they penetrate enterprise networks via automated brute-force attacks against exposed services, then leverage that foothold to spread internally within the target organisation's network through human-directed action. Their malware reboots Windows machines into Safe Mode before encrypting the data they wish to hold ransom. "The attackers may be using this technique to circumvent endpoint protection, which often won't run in Safe Mode," Sophos said. When it discovered this attack vector in 2019, Sophos quickly raised the alarm as the severity of ransomware that runs in Safe Mode was a significant threat.

In addition to the novel modus operandi, Sophos also found from recruitment posts that Snatch only accepted Russian speakers into the gang. Interestingly, the Russian-language gang chose the week of the BRICS Summit, which is being hosted in South Africa, to release the data it exfiltrated from the DOD.

According to Snatch itself, this was no coincidence. "The project is a year old, about 200TB of data was extracted during the year," it said in a post online.

Screenshot from the Snatch ransomware group's website about data it stole from the South African Department of Defence

Snatch said it specifically chose the week of the BRICS summit to release the data. It then used the opportunity to spread its message that South Africa is laundering arms for the United States and money for corporations. They also accused Ramaphosa of being "the main arms baron of the black continent or the main gasket for laundering arms contracts in the USA." Additionally, the attackers said, "The BRICS summit for Africa is just a screen issued by the white masters from a country with a constantly stumbling president."

Snatch's statement revealed a relatively poor grasp of geopolitics and South Africa's domestic politics. Ramaphosa's government has been routinely criticised for its unaligned stance on Russia's invasion of Ukraine. Political analysts have warned that South Africa stands to be excluded from the United States African Growth and Opportunity Act (AGOA), losing out on billions in exports. Former World Bank president David Malpass warned South Africa was playing with fire by trying to play countries against one another, which could hurt the country's relationship with the US. US ambassador to South Africa, Reuben Brigety, accused South Africa of supplying weapons and ammunition to Russia earlier this year. This was after the Russian cargo ship Lady R controversially docked at the Simon's Town naval base to offload weapons South Africa had ordered before the Covid-19 pandemic. The South African government maintains that Lady R returned to Russia empty. Defence minister Thandi Modise infamously said, "We did not send fokol to Russia, not even a piece of Chappies [bubble gum]."

In addition to their claims that South Africa was in bed with the United States, Snatch also said their website has faced constant denial-of-service attacks since posting the South African DOD leak. "The folks from the Ministry of Defense (or their American curators) really do not want this information to pop up at the summit's eve so... We have not seen such a powerful attack on our resources even from the French side," they said, referring to previous leaks. "This is not surprising at all - when people launder billions of dollars on state contracts and feed international corporations, they are surely ready to spend a couple of extra million dollars to destroy our source of information."

Several days later, the group said it was beginning to feel respect for Africa. "Neither the Americans nor the Europeans could afford to spend such resources to attack our project," they claimed. "Representatives of South Africa have been doing this for the third day in a row, and, judging by the level of the attack, it costs somewhere between 150k-200k dollars [R2.8-R3.7 million] a day. But frankly speaking, they would rather spend this money on their network infrastructure and security."

MyBroadband contacted the Department of Defence for comment. It did not respond by publication.

Following media reports about the data breach, the attackers have stated that they are not the "Snatch" ransomware gang. "We have nothing to do with the Snatch ransomware project that appeared in 2019 and existed for about 2 years," they claim. "We are the Security Notification Attachment (SNAtch for short) Team, a group specializing exclusively in leaked sensitive data."

The group said it does not deal in ransomware. "We don't aim to stop a company (or critical infrastructure) from operating by attacking it with software that blocks the control servers," Snatch stated.

"If journalists analyze our work carefully, they will see that not a single client of ours has been attacked by a malware that can be called Snatch," they said. "Yes, many of them have been attacked by various ransomware, as we are open for cooperation and often groups that work in this direction give us unique confidential data that were leaked from the attacked companies. But once again, the Snatch locker that we are compared to in the media has never been used

PROJECT

1. What are the common vulnerabilities and attack types that you know?
2. What are some risk and security assessments the Department of Defence should undertake?
3. In terms of risk response, what would you advise the Department of Defence to do?
4. Every organisation must plan and outline security policies; in the document, the incident response must be clearly defined. Use the six stages of incident response to help the Department of Defence handle the situation above.
5. List prevention methods that the department should think of when implementing their systems.
6. Would a firewall help in this case? Explain your understanding of a firewall in reference to the case above.
7. What are your views on detection systems? Do you think they will help in making sure that the Department of Defence systems are secure?
8. Explain the CIA Triad.
9. Briefly explain some of the encryption technologies.
10. Do research on a tool known as Pegasus spyware and share your views on this tool. Do you think governments should be allowed to use such tools? In South Africa, how will this contradict the POPI Act?

Step by Step Solution

There are 3 Steps involved in it

Step: 1

Common vulnerabilities and attack types

Vulnerabilities: weak passwords, unpatched software, misconfigured systems, lack of user awareness, social engineering

Attack types: phishing attacks, malware infectio...
