Elvis Avdiu

Nathan Amanuel
Question 1:
Use the web to conduct research on recent computer-based attacks, suck as the Target credit card
compromise and others. Pick an example and wrie a brief paper of the attack, providing details about
how the attack was carried out, the number and types of systems affect, and the solution. Be prepared
to share your paper with the class?

Answer1:
Two individuals from Ukraine were using ransomware for ransom demands in some cases were more
than 70milion dollars. They were attacking very large industrial groups in Europe and North America.
They started doing these illegal activities last year from April. According to EUROPOL in these attackers
attacked some companies, the smallest demand of theirs was 5.8milion, and the highest demand was 81
million dollars.

What they did?

The were using malware and steal encrypted and sensitive data, once they had those data they were
demanding millions of dollars, otherwise the will post these data on the dark-web. So a lot of targets
had to pay, otherwise they could lose more if that data was released.

What happened?

Fortunately, FBI, INTERPOL, and, EUROPOL joined forces together and were investigating and trying to
find these attackers. On October 4th, 2021. They found out who these attackers were and they arrested
them.

Question 2:
Search the web for information about the CIA triad. How does this concept impact security efforts in the
real world? Create a brief presentation based on your findings.

Answer 2:
CIA – This stands for confidentiality, integrity, and availability, and acts like an objective for every
organization’s security program.

Confidentiality – Stands for “only those who are authorized” and “actively prevented those who are
unauthorized from obtaining access.”
Confidentiality is one of the main concerns for users and as such at the forefront of most discussion and
advancement some technologies
Confidentiality is done with these methods: data classification, labeling, authentication mechanisms,
encryption of data; in process, in transit, and in storage; steganography, remote wipe capabilities, etc.
Integrity – Stands for “ensuring that data has not been tampered with and, therefore, can be trusted. It
is correct, authentic, and reliable.”
Integrity is sometimes mistaken as Confidentiality where the information is “safe.” In this case Integrity
means the “resistance” of the data to change, you don’t want your 1 into 0 (or some other data type).
Integrity is done with these methods: digital certificates, encryption, digital signatures, hashing,
intrusion detection systems, etc.

Availability –Stands for “to ensures that authorized users have timely, reliable access to resources when
they are needed.”
Availability is seldomly thought as it is expected, it deals with keeping thigs running and dealing with
more physical issues such as power and hardware, you only notice when its gone.
Availability is done with these methods: Redundant; servers, networks, applications, and services;
hardware fault tolerance , regular software patching and system upgrades, backups, etc.

Question 3:
Go online and look for information about a specific buffer overflow vulnerability in a commercial
software product. Write a short report detailing the vulnerability and any attacks that have exploited that
vulnerability.

Answer 3:
-       WhatsApp a product of Facebook announced a vulnerability associated with all of its WhatsApp
products. The vulnerability exploited a buffer overflow weakness in the VOIP stack on smartphones. This
allows remote code execution via a series of SRTP packets sent to a target phone number. The exploit
was used to infect over 1,400 smartphones with malware by just calling the target phone via WhatsApp
voice, even if the call wasn’t picked up. Particularly, the spyware infection of a UK-based attorneys
phone involved in a high-profile lawsuit generated a lot of media attention. The Exploit has been since
patched.