Assumptions: The company profile is as follows: (a) LLC, small business; (b) 20 employees with $15M
in revenues; (c) Defense contractor providing software/systems engineering support services to a US
Navy client in the San Diego area. For this assignment, I’ll assume that I’ll be briefing the CEO, CFO and
CIO (CISO) of this company.
Executive Summary
I. Introduction: We have a problem, and I recommend that the executive team act to
address it. The problem is a deficiency in our firm’s cybersecurity. Minor
corrections/investments made now could result in significant enhancements to
our cybersecurity posture. I respectfully request that your involvement extend
beyond just a financial infrastructure investment. I am seeking your strategic “buy-in”
to create a culture of cybersecurity awareness. My goal is to present the
credible, realistic cyber threat and provide some COA(s) that will protect our
company.
II. The Current Cyber Threats: The cyber threat should be a real concern for our
company. Matt Mansfield’s article “Cyber Security Statistics – Numbers Small
Businesses Need to Know” indicates that small businesses are being targeted by
cyber criminals. Most cyber criminals are interested in obtaining Intellectual
Property (IP), customer records and credit/debit card information. Their preferred
methods of attack include web-based attacks, phishing/social engineering and
general malware (Mansfield, 2017):
The Lazarus Group
- Financial Theft
- Spear Phishing/Keystroke logger malware
DeputyDog (APT 17)
- Economic Espionage
- Spear Phishing/Blackcoffee malware
Cozy Bear (APT 29)
- Strategic/Political attacks
- Hammertoss/Persistent C2 malware
III. Tools to Mitigate Risk: These tools are relatively easy to implement and
inexpensive.
IV. Final Thoughts: While the Cyber threats are credible, we have an opportunity to
build an effective Cyber defense. We should implement the tools mentioned
above as soon as possible.
Jon Boucher – CSOL 580-01-SU17 (Cyber Intelligence)
Module 7 – Final Report
II. Company Priorities and our Obligations – The threats identified in this
report all present a threat to our corporate priorities. These actors present
tactical, operational and strategic threats. These threats could not only affect our
company’s “bottom line”; they could also negatively affect our fiduciary obligations
to employees/clients. As a certified Defense contractor, we also have a unique
requirement to protect the confidential information of our Government clients
when necessary. The Chinese APT 17 presents a credible threat to our company’s
intellectual property (IP). See below for our company’s established priorities:
[Table: kill chain stages (Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Actions on Objectives) against mitigations (Employee Training, SYSADMIN Training, Data Loss Prevention Software)]
References:
Alastair Stevenson. (14 May 2015). “APT17 DeputyDog hackers are pushing
Blackcoffee malware using TechNet”. Retrieved on 26 Aug 2017 from:
https://www.v3.co.uk/v3-uk/news/2408533/apt17-deputydog-hackers-are-pushing-blackcoffee-malware-using-technet
Kaspersky Lab. (03 Apr 2017). “Chasing Lazarus: A Hunt for the Infamous Hackers to
Prevent Large Bank Robberies”. Retrieved on 17 Aug 2017 from:
https://www.kaspersky.com/about/press-releases/2017_chasing-lazarus-a-hunt-for-the-infamous-hackers-to-prevent-large-bank-robberies
FireEye – Website. (20 Aug 2017). “Advanced Persistent Threat Groups”. Retrieved on
21 Aug 2017 from: https://www.fireeye.com/current-threats/apt-groups.html
Bosworth, Seymour. (2014). Computer Security Handbook (6th ed., Vol. 1). Hoboken,
NJ: Wiley. Chapter 12
Matt Mansfield. (03 Jan 2017). “Cyber Security Statistics – Numbers Small Businesses
Need to Know”. Retrieved on 03 Aug 2017 from:
https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html
Corey Nachreiner. (02 Jan 2013). “Your Firm Is Small, But Still An Attractive Target”.
Retrieved on 03 Aug 2017 from:
https://readwrite.com/2013/01/02/small-firms-are-immune-to-advanced-persistent-threats-youre-delusional/