Week 2

Confidentiality, Integrity, and Availability, also known as the CIA triad, is a model
designed to guide policies for information security within an organization.

Based on your understanding of those terms provide an example that illustrates each

one based on a recent news event (don't forget to cite the link). Do your best to find recent
cases, and provide your explanations to that case in relation to C.I.A.

Lion shuts IT systems after 'cyber-attack'

Lion is one of Australasia’s leading food and beverage companies across Australia
and New Zealand. They market premium brands of dairy, juice, soy, beer, cider, fine wine,
spirits, alcoholic ready-to-drinks and non-alcohol beverages categories.

On 8 June 2020, Lion was a victim of cyber-attack. They immediately shutdown all
their IT systems as a precaution of further damage.

Upon further investigation, Lion a partial IT system outage is a result of a

ransomware attack. There is no evidence that any information in their system such as
financial and personal information has been affected. The attack disrupts manufacturing
operations and customer services.

IT teams and cyber security expert have continued working and investigating cyber
incident and working to bring systems back online.

However, It was reported as per iTwire that hackers used the REvil ransomware to
attack the company and demanding $US800,000(1.16m) to decrypt the company files.

REvil is also known as Sodinkibi that attacks systems running Microsoft’s Windows
operating system.

In addition, to encrypting up a company files, REvil ransomware will often leak files
on the dark web as a bargaining tactic if a victim does not pay by the deadline.

In relation to the C.I.A. Triad, the Lion - REvil ransomware attack defined as:
Confidentiality:

Confidentiality means limiting access to information only to those who need it and
preventing access by those who don’t.

A loss of confidentiality is defined when data is seen by someone who shouldn’t have
seen it, data breaches like the Lion cyber-attack using a REvil ransomware by malicious
attacker is an high-profile example of loss of confidentiality.

 Integrity:

Integrity of information is threatened when it is exposed to corruption, damage,

destruction, or other disruption of its authenticity state.

Integrity of “Lion IT system” data has been affected, but it’s not fully disclosed. Other
sources have stated that Lion was given time to pay up and threatened to double the ransom
(itwire, 2020). Therefore, the hackers successfully delivered a sophisticated cyber attack
using a REvil ransomware that encrypts and corrupts data when Ransome payment is not
met.

 Availability:

Availability of information means that’s users, either people or other systems, have
access to it.

Availability of services and access to manufacturing operations and customer services

was highly impacted in the Lion cyber-attack, Lion has reported to recover the process
continued and in restoring many of their key systems that caused a partial IT outage.

References
Grubb, B 2020, Hackers post evidence they have beer giant Lion's confidential files,
https://www.smh.com.au/technology/hackers-post-evidence-they-have-beer-giant-lion-s-
confidential-files-20200619-p5548s.html
Lion, 2020, Lion Cyber incident update,
https://www.lionco.com/media-centre/lion-update-re-cyber-issue
McAfee Labs, 2020, McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service
– What The Code Tells Us,
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-
revil-ransomware-as-a-service-what-the-code-tells-us/
Varghese, S 2020, Attackers give Lion deadline for paying ransom of US$800,000,
https://www.itwire.com/security/attackers-give-lion-deadline-for-paying-ransom-of-us
%24800,000.html