
Executive Summary

This report explores the risks that can affect PEP and develops a mitigation plan to help the company handle them. All risks are categorized using the STRIDE model and listed in decreasing order of risk impact. Spoofing is the major threat identified in the analysis. To mitigate spoofing, PEP is recommended to use packet filters to keep malicious and unwanted traffic out of the network: PEP's security personnel should define rules that block unwanted source IP addresses and allow only known, trusted ones. PEP should also implement a strong encryption and authentication protocol to ensure the integrity and authenticity of data exchanged between communicating nodes and to safeguard against spoofing. A threat analysis based on likelihood and consequence is also provided so that the risks to be prioritized can be identified. Analyzing threats is vital in establishing the impact of a risk and the appropriate measures to mitigate it. PEP should prioritize all threats rated above its tolerance level and treat them until they fall within that level.
Table of Contents
Executive Summary
Introduction
Discussion of APP and GDPR
Threat list and STRIDE categorization summary
Threat Analysis
  Risk Matrix
Threats and Controls
Mitigation scheme
  Need for ongoing cybersecurity
Conclusion
References
Introduction
The ransomware attack against JBS Foods prompted renewed calls for other agricultural and food-sector companies, such as Peters Excellent Packers (PEP), to implement new cybersecurity protections for their data and information systems. The fact that JBS Foods paid the ransom signals to perpetrators that such attacks work, so food-sector companies should expect more of them. The food sector is a critical part of the economy, which makes it a likely target for cyber-attacks. PEP wants its IT systems reviewed to establish how vulnerable they are to attack. PEP does not have system-wide intrusion detection and prevention, which puts it at high risk of a successful cyber-attack. A risk mitigation plan is a vital element that ensures an organization plans for disasters and lessens their negative impact. Proper risk mitigation evaluates the impact of different risks and prioritizes planning based on that impact: it first pinpoints potential risks and then implements strategies to lessen or stop them. The strategies employed in risk mitigation planning and monitoring are accepting the risk, avoiding the risk, controlling the risk, transferring the risk, and monitoring the risk. In today's world, ignoring data privacy obligations can have detrimental impacts on an organization: breaching the GDPR or the Australian Privacy Principles (APPs) comes with hefty fines and reputational damage. This report explores the different risks that can affect PEP and develops a mitigation plan to help the company handle them.

Discussion of APP and GDPR


The Australian Privacy Principles (APPs) are the cornerstone of Australia's privacy protections. They govern the standards, rights, and obligations around the collection and use of personal information, the right of individuals to access their personal information, and the organization's governance and accountability (Selvadurai, 2013, p. 299). The APPs are principles-based law, which lets organizations tailor their personal-information handling practices to their business model and their users' needs. A breach of the APPs can lead to regulatory action and penalties. Some of the best practices that PEP can employ to improve compliance with the APPs are:

• Collect anonymous information instead of personal information where possible, and delete or correct personally identifiable information when it is no longer needed or is inaccurate
• Obtain consent for new uses of user data or for sharing it with a third party, and check that the third party has appropriate privacy practices
• Notify users when their personal information is collected
• Protect the personal information it holds with policies and measures that mitigate the threats that cause security breaches

GDPR

Under the GDPR, an organization must provide individuals with a privacy notice that is accurate, transparent, and easily accessible (Goddard, 2017, p. 703). The notice must be written in clear and plain language and delivered in a timely manner. The GDPR also specifies the information a company has to include in the privacy notice. Users must be told of their right to withdraw consent at any time, their right to lodge a complaint, their right to erasure, their right to data portability, and their rights in relation to automated decision-making and profiling.
Threat list and STRIDE categorization summary
The STRIDE model helps an organization identify and classify the threats it is exposed to under six categories: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege (Abomhara et al., 2015, p. 89). STRIDE itself only categorizes threats; their likelihood and consequences are rated afterwards, using the risk matrix in the Threat Analysis section. The risks below are listed in decreasing order of risk impact.

STRIDE element: Spoofing
• Spoofing the identity of another user by brute-forcing login credentials
• A malicious phishing host attempts to trick individuals into giving up their credentials

STRIDE element: Information disclosure
• Eavesdropping, sniffing, and reading of traffic sent in clear text
• A malicious actor reading data on disk in clear text
• A malicious actor attacking an application protected by TLS to steal the server's private key (the key that decrypts traffic for its SSL/TLS certificate) and other sensitive data
• A malicious actor reading sensitive data in the database

STRIDE element: Elevation of privilege
• A malicious actor uses a buffer overflow to gain root-level privileges (Harini & Fancy, 2021, p. 11)

STRIDE element: Tampering
• A malicious actor performs a bit-flipping attack on data in transit
• Malicious actors modify data at rest
• Injection attack on an application

STRIDE element: Denial of service
• SYN flood attack
• Exposing the Kubernetes API to the internet lets other people deploy containers on the organization's infrastructure, starving legitimate applications of CPU

STRIDE element: Repudiation
• A user denying having performed destructive actions such as deleting a record in a database (Sun et al., 2020, p. 145)
• Malicious actors erasing and truncating log files to hide their tracks
• The administrator being unable to establish whether a container has begun behaving erratically or suspiciously
Figure 1 PEP Data flow diagram

1. Spoofing
Spoofing occurs when a malicious cyber actor impersonates a legitimate user, host, or service, for example to access the system, distribute malware, or steal personal information (Jiang et al., 2020, p. 1).
Risk level: High. Likelihood and consequence rating: 4C (Likelihood: Likely; Consequence: Major).
Explanation: Brute forcing of user credentials and phishing are major threats that are likely to occur against PEP, and a successful spoofing attack has major consequences. PEP should mitigate this threat using suitable measures.
Handling option: Avoid risk.

2. Information disclosure
Information disclosure occurs when information is exposed to someone who is not authorized to see it.
Risk level: Medium. Likelihood and consequence rating: 3C (Likelihood: Possible; Consequence: Major).
Explanation: It is possible that information disclosure will occur, and the impact of this threat is major; hence it should be avoided.
Handling option: Avoid risk.

3. Elevation of privilege
Elevation of privilege occurs when a user gains privileges beyond those they are authorized to have and uses them to perform tasks they are not permitted to perform.
Risk level: Medium. Likelihood and consequence rating: 2C (Likelihood: Unlikely; Consequence: Major).
Explanation: The impact of unauthorized access to confidential information through elevated privileges is major; however, an elevation of privilege is unlikely to occur.
Handling option: Avoid risk.

4. Tampering
Tampering is the malicious alteration of data on the network, in transit, or in a database.
Risk level: Low. Likelihood and consequence rating: 2D (Likelihood: Unlikely; Consequence: Minor).
Explanation: Bit-flipping attacks and malicious data modification in the PEP system are unlikely, and the consequences are minor. The threat therefore requires less attention than those above.
Handling option: Avoid risk.

5. Denial of service
Denial of service occurs when a legitimate user is denied access to a system or network because malicious cyber actors overload it with massive numbers of requests.
Risk level: Low. Likelihood and consequence rating: 2D (Likelihood: Unlikely; Consequence: Minor).
Explanation: The threat is unlikely and the impact is minor. PEP should pay less attention to this threat than to those rated above it.
Handling option: Control the risk.

6. Repudiation
Repudiation is the explicit denial of having performed an action when there is no proof that a specific user performed it.
Risk level: Very low. Likelihood and consequence rating: 2E (Likelihood: Unlikely; Consequence: Negligible).
Explanation: Repudiation is unlikely to occur in the PEP network, and the consequences of the threat are negligible. PEP should accept this risk.
Handling option: Accept risk.

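The spoofing card above rates brute-forcing of login credentials as PEP's top threat, and the controls later in this report call for packet-filter deny rules. The following is an added example, not code from the report, of the detection logic that would feed such rules: it reads OpenSSH-style authentication log lines and flags sources that brute-force one account, spray passwords across many accounts slowly enough to stay under a per-minute lockout, or succeed right after a burst of failures (the sign that the brute force actually worked). The log lines, the thresholds, the timestamp layout and the trusted office range 10.20.0.0/16 are all constructed for the example.

```python
"""Brute-force and password-spray detection over SSH authentication logs.
Added example for the spoofing threat rated above; not code from the report.
The sample log, thresholds and trusted network below are constructed."""
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# OpenSSH-style line with an ISO-8601 timestamp prefix (assumed log layout).
LINE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

FAIL_THRESHOLD, FAIL_WINDOW = 5, 60      # assumed: >= 5 failures within 60 s
SPRAY_THRESHOLD, SPRAY_WINDOW = 4, 600   # assumed: >= 4 distinct users within 10 min
TRUSTED = [ipaddress.ip_network("10.20.0.0/16")]  # assumed PEP office range

# Constructed sample log: one host brute-forcing 'admin' and then getting in,
# one spraying four usernames two minutes apart, one office PC with a typo.
SAMPLE_LOG = """\
2024-03-01T08:00:01 pep-vpn sshd[1201]: Failed password for admin from 203.0.113.7 port 40001 ssh2
2024-03-01T08:00:05 pep-vpn sshd[1202]: Failed password for admin from 203.0.113.7 port 40002 ssh2
2024-03-01T08:00:09 pep-vpn sshd[1203]: Failed password for invalid user root from 203.0.113.7 port 40003 ssh2
2024-03-01T08:00:12 pep-vpn sshd[1204]: Failed password for admin from 203.0.113.7 port 40004 ssh2
2024-03-01T08:00:15 pep-vpn sshd[1205]: Failed password for admin from 203.0.113.7 port 40005 ssh2
2024-03-01T08:00:20 pep-vpn sshd[1206]: Accepted password for admin from 203.0.113.7 port 40006 ssh2
2024-03-01T08:10:00 pep-vpn sshd[1300]: Failed password for alice from 198.51.100.5 port 50001 ssh2
2024-03-01T08:12:00 pep-vpn sshd[1301]: Failed password for bob from 198.51.100.5 port 50002 ssh2
2024-03-01T08:14:00 pep-vpn sshd[1302]: Failed password for carol from 198.51.100.5 port 50003 ssh2
2024-03-01T08:16:00 pep-vpn sshd[1303]: Failed password for dave from 198.51.100.5 port 50004 ssh2
2024-03-01T09:00:00 pep-vpn sshd[1400]: Failed password for jsmith from 10.20.0.5 port 60001 ssh2
2024-03-01T09:00:04 pep-vpn sshd[1401]: Failed password for jsmith from 10.20.0.5 port 60002 ssh2
2024-03-01T09:00:08 pep-vpn sshd[1402]: Failed password for jsmith from 10.20.0.5 port 60003 ssh2
2024-03-01T09:00:12 pep-vpn sshd[1403]: Failed password for jsmith from 10.20.0.5 port 60004 ssh2
2024-03-01T09:00:16 pep-vpn sshd[1404]: Failed password for jsmith from 10.20.0.5 port 60005 ssh2
"""


def parse(log: str):
    """Yield (timestamp, result, user, source_ip) for each recognised line."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            yield datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["ip"]


def analyse(log: str) -> dict:
    """Return {source_ip: set(reasons)} for sources that look like credential attacks."""
    recent = defaultdict(deque)   # ip -> deque of (ts, user) for recent failures
    findings = defaultdict(set)
    for ts, result, user, ip in parse(log):
        q = recent[ip]
        while q and (ts - q[0][0]).total_seconds() > SPRAY_WINDOW:
            q.popleft()           # forget failures older than the widest window
        if result == "Accepted":
            # A success right after a burst of failures means the brute force
            # worked: the account is compromised, not merely under attack.
            burst = [u for t, u in q if (ts - t).total_seconds() <= FAIL_WINDOW]
            if len(burst) >= 3:
                findings[ip].add(f"success-after-failures:{user}")
            continue
        q.append((ts, user))
        burst = [u for t, u in q if (ts - t).total_seconds() <= FAIL_WINDOW]
        if len(burst) >= FAIL_THRESHOLD:
            findings[ip].add("brute-force")
        if len({u for _, u in q}) >= SPRAY_THRESHOLD:
            findings[ip].add("password-spray")
    return dict(findings)


def is_trusted(ip: str) -> bool:
    return any(ipaddress.ip_address(ip) in net for net in TRUSTED)


def recommended_action(findings: dict) -> dict:
    """Untrusted sources go to the packet-filter deny list; trusted ones only
    raise an alert, so a typo from the office cannot lock administrators out."""
    return {ip: ("alert" if is_trusted(ip) else "block") for ip in findings}


if __name__ == "__main__":
    found = analyse(SAMPLE_LOG)
    for ip, action in recommended_action(found).items():
        print(f"{action:5} {ip:15} {', '.join(sorted(found[ip]))}")
```

The per-source deque keeps only failures inside the widest window, so the check runs in constant memory per source; the "success-after-failures" finding should be treated as an incident rather than a block decision, because the password for that account is already known to the attacker.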
Threat Analysis
The threat analysis is based on the probability of a threat occurring and the negative consequences if it does (Mäurer & Schmitt, 2019, p. 1). Risk analysis lets an organization estimate the probability that an adverse event will negatively affect it. Analyzing threats is vital in establishing the impact of a risk and the appropriate measures to mitigate it. The threat analysis starts by identifying what might go wrong and then weighing each scenario against a probability metric that measures the likelihood of the threat happening.

As a security consultant, I talked to employees and other experts to understand the impact and likelihood of an attack on PEP's systems. Some of the questions asked include:

- Which systems are more likely to be targeted?

- Who might attack the system and the network?

- What is the cost of mitigating different risks?

- What are the leading causes of threats in PEP's systems?

- What measures should be adopted to reduce the possibility of attack?

Risk Matrix
A risk matrix supports risk assessment by visualizing the likelihood and the consequences of each potential risk in an organization. Each threat is placed in the cell whose code combines its likelihood value (1 to 5) with its consequence letter (A to E); for example, 4C is a likely threat with major consequences.

Likelihood    Explanation                                    Value   Severe (A)   Significant (B)   Major (C)   Minor (D)   Negligible (E)
Very likely   The likelihood of the threat occurring is      5       5A           5B                5C          5D          5E
              very high
Likely        The likelihood of the threat occurring is      4       4A           4B                4C          4D          4E
              high
Possible      There is a possibility of this threat          3       3A           3B                3C          3D          3E
              occurring
Unlikely      The risk is unlikely to occur                  2       2A           2B                2C          2D          2E
Impossible    The risk cannot occur                          1       1A           1B                1C          1D          1E

Consequence scale (scope/cost):

• Severe (A): the cost of dealing with the risk is high, and the risk has a severe impact on business-critical assets.
• Significant (B): costly, and affects business-critical assets.
• Major (C): costly, and affects critical business assets.
• Minor (D): not expensive, and has a minor impact on business-critical assets.
• Negligible (E): not costly, and has a negligible impact on business-critical assets.

PEP should prioritize all threats rated above its tolerance level and treat them until they fall within that level. Risks that have negligible consequences and are very unlikely should be accepted. The repudiation threats should be accepted since they have negligible consequences and are unlikely to occur.

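To make the matrix above reproducible, the following is an added worked example (not part of the report) that scores the six threats from the risk cards, ranks those above a tolerance level, and checks each card for a code that disagrees with its own likelihood and consequence words. The report only gives cell codes such as 4C and qualitative levels, so the numeric consequence weights, the band thresholds, and the handling rule (accept Very Low, control Low, avoid Medium and above) are assumptions chosen so that the computed levels match the levels the cards assign; the report itself chose to avoid rather than control the Low-rated tampering threat.

```python
"""Scoring the PEP threats against the report's risk matrix. Added example,
not part of the report: weights, bands and the handling rule are assumptions."""
from dataclasses import dataclass

# Matrix rows and columns exactly as in the report.
LIKELIHOOD = {"impossible": 1, "unlikely": 2, "possible": 3, "likely": 4, "very likely": 5}
CONSEQUENCE = {"severe": "A", "significant": "B", "major": "C", "minor": "D", "negligible": "E"}
# Assumed numeric weight per consequence column and assumed score bands.
WEIGHT = {"A": 5, "B": 4, "C": 3, "D": 2, "E": 1}
BANDS = [(20, "Extreme"), (12, "High"), (6, "Medium"), (4, "Low"), (0, "Very Low")]
LEVELS = ["Very Low", "Low", "Medium", "High", "Extreme"]


@dataclass
class Threat:
    name: str
    likelihood: str   # word from LIKELIHOOD
    consequence: str  # word from CONSEQUENCE

    @property
    def code(self) -> str:
        """Matrix cell, e.g. likely + major -> '4C'."""
        return f"{LIKELIHOOD[self.likelihood]}{CONSEQUENCE[self.consequence]}"


def score(code: str) -> int:
    """Likelihood value times consequence weight: '4C' -> 4 * 3 = 12."""
    return int(code[0]) * WEIGHT[code[1].upper()]


def level(code: str) -> str:
    s = score(code)
    return next(name for threshold, name in BANDS if s >= threshold)


def handling(code: str) -> str:
    """Assumed rule: accept Very Low, control Low, avoid (treat) Medium and above."""
    return {"Very Low": "Accept", "Low": "Control"}.get(level(code), "Avoid")


def check_card(code: str, likelihood: str, consequence: str) -> list:
    """Flag a risk card whose cell code disagrees with its own wording."""
    problems = []
    if int(code[0]) != LIKELIHOOD[likelihood.lower()]:
        problems.append(f"code {code} says likelihood {code[0]}, card says {likelihood}")
    if code[1].upper() != CONSEQUENCE[consequence.lower()]:
        problems.append(f"code {code} says consequence {code[1]}, card says {consequence}")
    return problems


def prioritise(threats: list, tolerance: str = "Low") -> list:
    """Threats rated above the tolerance level, highest score first."""
    above = [t for t in threats if LEVELS.index(level(t.code)) > LEVELS.index(tolerance)]
    ranked = sorted(above, key=lambda t: score(t.code), reverse=True)
    return [(t.name, t.code, level(t.code), handling(t.code)) for t in ranked]


# The six threats as rated on the risk cards above.
PEP_THREATS = [
    Threat("Spoofing", "likely", "major"),
    Threat("Information disclosure", "possible", "major"),
    Threat("Elevation of privilege", "unlikely", "major"),
    Threat("Tampering", "unlikely", "minor"),
    Threat("Denial of service", "unlikely", "minor"),
    Threat("Repudiation", "unlikely", "negligible"),
]

if __name__ == "__main__":
    for name, code, lvl, action in prioritise(PEP_THREATS):
        print(f"{name:24} {code}  {lvl:8} {action}")
    # A card that reads '2C' but says 'negligible' is caught here.
    print(check_card("2C", "Unlikely", "Negligible"))
```

Running the consistency check over every card before publishing a report of this kind catches exactly the kind of slip where a cell code and its consequence word drift apart.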
Threats and Controls

Threat: Spoofing (estimated implementation cost: $6,000)
• Use packet filters to keep malicious and unwanted traffic out of the network. PEP's security personnel should define rules that block unwanted source IP addresses and allow only known, trusted ones.
• Implement a strong encryption and authentication protocol to ensure the integrity and authenticity of data exchanged between communicating nodes and to safeguard against spoofing.
• Give employees phishing training so that they can recognize phishing websites and email.
• Keep antivirus software up to date to safeguard systems and the network against malware.
• Adopt email authentication such as DKIM so that mail forged in PEP's name can be detected and rejected by recipients.
• Use email filters to stop targeted phishing (Prem & Reddy, 2019, p. 1448).

Threat: Information disclosure (estimated implementation cost: $6,000)
• Educate staff so that they do not accidentally disclose confidential information to fraudsters.
• Enforce appropriate authentication, such as strong passwords and multifactor authentication, so that only authorized users can reach confidential data.
• Encrypt sensitive data in transit and at rest.
• Avoid self-signed certificates and use only certificates issued by a valid, trusted certificate authority (CA) (Yu et al., 2017, p. 327).

Threat: Tampering (estimated implementation cost: $7,000)
• Encrypt and integrity-protect data so that it can only be read, and any modification detected, by someone holding the key. Use TLS for data in transit (and SFTP or FTPS rather than plain FTP for file transfers) and disk or database encryption for data at rest.
• Use a firewall to block malicious IP traffic.
• Validate all user input and encode all output appropriately to prevent injection attacks.
• Implement proper authorization checks.
• Use antivirus software.
• Integrate a static application security testing (SAST) tool into the development workflow to detect security vulnerabilities in PEP's code.

Threat: Denial of service (estimated implementation cost: $4,000)
• Use network monitoring tools to detect and block malicious traffic.
• Implement multi-level protection measures, for example SYN cookies on internet-facing hosts against SYN floods, and keeping the Kubernetes API off the public internet with authentication and resource quotas on workloads.

Threat: Elevation of privilege (estimated implementation cost: $4,000)
• Use a firewall to reduce the attack surface.
• Patch promptly to remove bugs that let attackers elevate their privileges (Kitchen et al., 2021, p. 269).
• Educate all employees on password management best practices.
• Apply appropriate authorization mechanisms such as role-based access control.
• Use static code analysis to find bugs in the code before release.
• Use audit tools that can detect and handle privilege-hijacking vulnerabilities.

Threat: Repudiation (estimated implementation cost: $5,000)
• Implement an authentication mechanism so that every user proves their identity before accessing the system, and every action can be attributed to an authenticated account (Dinesha & Agrawal, 2012, p. 1).
• Keep centralized, tamper-evident logs of activity on the network so that malicious actions can be detected and attributed; logs record events and support blocking decisions, they do not block traffic by themselves.
• Use cryptographic signatures on all transactions performed within the PEP network so that the originator cannot later deny them.

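The tampering row above asks for validation of user input and proper encoding of output to stop injection attacks. The following is an added example, not code from the report, showing the difference between building a query from user text and binding that text as a parameter, with an allowlist check on top as defence in depth. The in-memory SQLite table of PEP shipments, the customer-name pattern, and the injection payload are constructed for the example.

```python
"""Injection control from the tampering row: parameterised queries plus input
validation. Added example, not from the report; the data is constructed."""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three customers' outbound shipments."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE shipments (id INTEGER PRIMARY KEY, customer TEXT, pallets INTEGER)")
    con.executemany(
        "INSERT INTO shipments (customer, pallets) VALUES (?, ?)",
        [("Acme Butchers", 12), ("Northside Grocers", 4), ("Harbour Cafe", 1)],
    )
    con.commit()
    return con


def lookup_vulnerable(con, customer: str) -> list:
    # Attacker text is pasted into the SQL grammar, so a quote and an OR
    # change which rows the query returns.
    sql = f"SELECT customer, pallets FROM shipments WHERE customer = '{customer}'"
    return con.execute(sql).fetchall()


def lookup_safe(con, customer: str) -> list:
    # Parameter binding: the value is never parsed as SQL, so it stays data.
    return con.execute(
        "SELECT customer, pallets FROM shipments WHERE customer = ?", (customer,)
    ).fetchall()


# Assumed allowlist for what a customer name may look like (defence in depth).
CUSTOMER_NAME = re.compile(r"^[A-Za-z0-9 .&'-]{1,64}$")


def lookup_validated(con, customer: str) -> list:
    """Reject implausible input before it reaches the database, then still bind it."""
    if not CUSTOMER_NAME.fullmatch(customer):
        raise ValueError("invalid customer name")
    return lookup_safe(con, customer)


def set_pallets_vulnerable(con, customer: str, pallets: int) -> int:
    """Tampering with data at rest: the WHERE clause can be widened to every row."""
    sql = f"UPDATE shipments SET pallets = {int(pallets)} WHERE customer = '{customer}'"
    cur = con.execute(sql)
    con.commit()
    return cur.rowcount          # number of rows the attacker actually changed


def set_pallets_safe(con, customer: str, pallets: int) -> int:
    cur = con.execute(
        "UPDATE shipments SET pallets = ? WHERE customer = ?", (int(pallets), customer)
    )
    con.commit()
    return cur.rowcount


if __name__ == "__main__":
    payload = "x' OR '1'='1"
    con = make_db()
    print("vulnerable lookup:", lookup_vulnerable(con, payload))     # every row
    print("safe lookup:", lookup_safe(con, payload))                 # nothing
    print("rows tampered:", set_pallets_vulnerable(con, payload, 0))  # 3
```

The validation pattern is not the control; binding is. The pattern only narrows what reaches the database, and a name like O'Brien shows why a blanket ban on quotes would break legitimate input rather than fix the bug.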
Mitigation scheme
In this section, a suitable mitigation plan is provided that will help PEP keep its network secure. The
handling techniques that PEP can embrace to protect the organization network are avoiding the risk,
controlling the risk, monitoring the risk, and accepting the risks.

The following are some of the threats that PEP should avoid:

• Phishing (spoofing)
• Injection attack (tampering)
• Modification of data (tampering)
• Information disclosure (information disclosure)
• Eavesdropping on clear-text traffic (information disclosure)
• Gaining root-level privileges using a buffer overflow (elevation of privilege)
• SYN flood attack (denial of service)
Threats that should be accepted

• Denying performing destructive actions


• Admin unable to establish whether a container has begun behaving erratically/suspiciously

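Accepting the two repudiation threats above still leaves PEP needing evidence when someone does deny deleting a record, and the STRIDE table lists attackers erasing and truncating log files as a related threat. The following is an added example, not code from the report, of the tamper-evident logging control from the Threats and Controls table: each entry is chained to the previous one by its MAC and sealed with an HMAC, and a small checkpoint (entry count plus head MAC) stored away from the log lets a verifier detect entries erased from the tail, which a hash chain on its own cannot see. The key, the sample entries and the checkpoint handling are constructed for the example. One caveat a practitioner would want stated: an HMAC proves integrity to whoever holds the shared key, but it is not non-repudiation against that key holder; for the per-transaction signatures the table recommends, each user would sign with a private key only they hold.

```python
"""Tamper-evident audit log with an off-host checkpoint. Added example for the
repudiation controls; not code from the report. Key and entries are constructed."""
import hashlib
import hmac
import json

GENESIS = "0" * 64   # 'previous MAC' for the first entry


def _mac(key: bytes, body: dict) -> str:
    # Canonical JSON so that the same entry always yields the same MAC.
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class AuditLog:
    """Append-only log. PEP would keep the key and the checkpoints on a host
    that the audited system cannot write to."""

    def __init__(self, key: bytes):
        self._key = key
        self.entries = []
        self.head = GENESIS

    def append(self, actor: str, action: str, target: str, ts: str) -> dict:
        body = {"seq": len(self.entries), "ts": ts, "actor": actor,
                "action": action, "target": target, "prev": self.head}
        entry = dict(body, mac=_mac(self._key, body))
        self.entries.append(entry)
        self.head = entry["mac"]
        return entry

    def checkpoint(self) -> tuple:
        """(entry count, head MAC): store this away from the log itself."""
        return len(self.entries), self.head


def verify(key: bytes, entries: list, checkpoint: tuple = None) -> list:
    """Return a list of problems; an empty list means the log is intact."""
    problems = []
    prev = GENESIS
    for i, e in enumerate(entries):
        body = {k: v for k, v in e.items() if k != "mac"}
        if e.get("seq") != i:
            problems.append(f"entry {i}: sequence gap (seq={e.get('seq')})")
        if e.get("prev") != prev:
            problems.append(f"entry {i}: chain break")
        if not hmac.compare_digest(_mac(key, body), e.get("mac", "")):
            problems.append(f"entry {i}: MAC mismatch (modified or forged)")
        prev = e.get("mac", "")
    if checkpoint is not None:
        count, head = checkpoint
        if len(entries) < count:
            problems.append(f"log truncated: checkpoint has {count} entries, found {len(entries)}")
        elif (entries[count - 1]["mac"] if count else GENESIS) != head:
            problems.append("checkpoint head does not match the entry at that position")
    return problems


if __name__ == "__main__":
    key = b"constructed-example-key-not-for-production"
    log = AuditLog(key)
    log.append("alice", "DELETE", "orders/42", "2024-03-01T10:00:00Z")
    log.append("bob", "UPDATE", "orders/43", "2024-03-01T10:05:00Z")
    log.append("alice", "DELETE", "orders/44", "2024-03-01T10:09:00Z")
    cp = log.checkpoint()
    print("intact:", verify(key, log.entries, cp))
    print("tail erased, no checkpoint:", verify(key, log.entries[:2]))      # nothing found
    print("tail erased, with checkpoint:", verify(key, log.entries[:2], cp))
```

The two truncation calls at the end are the point: without the checkpoint the shortened log verifies cleanly, so the checkpoint (or an equivalent such as forwarding entries to a write-once collector) is part of the control, not an optional extra.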
The recommended mitigation scheme to deal with the threats is:

• Anti-malware and antivirus to protect against malware and viruses: $5 – $8 per server per month; $3 – $5 per user per month for basic antivirus
• A firewall to block malicious software and traffic (Diekmann et al., 2016, p. 252); without a firewall, PEP's systems and networks could be wide open and vulnerable to attack: $450 – $2,500
• Endpoint detection and response (EDR) for real-time monitoring, detection, and remediation: $9 – $18 per server per month
• Email protection: $3 – $6 per user per month
• Cybersecurity staff awareness training: $600

Source of cost figures: https://www.provendatarecovery.com/blog/cyber-security-cost-expenses-fees/

Need for ongoing cybersecurity


PEP should treat cybersecurity as an ongoing activity, since cybercriminals are becoming more sophisticated and keep changing what they target and how they attack different security systems. With ongoing cybersecurity, PEP will be able to protect all categories of data from theft and damage by keeping an up-to-date mitigation plan for dealing with attacks.

Conclusion
This report performs a risk analysis and identifies the controls that PEP should employ to protect its systems against an attack like the one JBS Foods experienced. The food sector is a critical part of the economy, making it a likely target for cyber-attacks. A risk mitigation plan is a vital element that ensures an organization plans for threats and lessens their negative impact; proper risk mitigation evaluates the impact of different risks and prioritizes planning based on that impact. PEP should comply with the Australian Privacy Principles and the GDPR to avoid regulatory action and penalties. The STRIDE model is used to categorize the threats, and the risk matrix to rate their likelihood and consequences. Spoofing is the most likely threat with major consequences that PEP can expect to experience; it occurs when a malicious cyber actor impersonates a legitimate user, host, or service in order to access the system, distribute malware, or steal personal information. The threat analysis is based on the probability of a threat occurring and the negative consequences if it does, and it establishes the impact of each risk and the appropriate measures to mitigate it. PEP should prioritize all threats rated above its tolerance level and treat them until they fall within that level. To protect against spoofing, PEP should implement packet filters and strong encryption and authentication protocols. The recommended mitigation scheme should aim to prevent phishing, injection attacks, modification of data, information disclosure, and SYN flood attacks.

References
Abomhara, M., Gerdes, M., & Køien, G. M. (2015). A STRIDE-based threat model for telehealth systems. Norsk informasjonssikkerhetskonferanse (NISK), 8(1), 82-96. https://www.researchgate.net/profile/Mohamed-Abomhara/publication/291766457_A_STRIDE-Based_Threat_Model_for_Telehealth_Systems/links/56a5de3208ae1b6511345e4a/A-STRIDE-Based-Threat-Model-for-Telehealth-Systems.pdf
Diekmann, C., Michaelis, J., Haslbeck, M., & Carle, G. (2016). Verified iptables firewall analysis. 2016 IFIP Networking Conference (IFIP Networking) and Workshops. https://ieeexplore.ieee.org/abstract/document/7497196/
Dinesha, H., & Agrawal, V. K. (2012). Multi-level authentication technique for accessing cloud services. 2012 International Conference on Computing, Communication, and Applications. https://ieeexplore.ieee.org/abstract/document/6179130/
Goddard, M. (2017). The EU General Data Protection Regulation (GDPR): European regulation that has a global impact. International Journal of Market Research, 59(6), 703-705. https://journals.sagepub.com/doi/pdf/10.2501/IJMR-2017-050
Harini, C., & Fancy, C. (2021). A study on the prevention mechanisms for kernel attacks. In Artificial Intelligence Techniques for Advanced Computing Applications (pp. 11-17). Springer. https://link.springer.com/chapter/10.1007/978-981-15-5329-5_2
Jiang, Z., Zhao, K., Li, R., Zhao, J., & Du, J. (2020). PHYAlert: identity spoofing attack detection and prevention for a wireless edge network. Journal of Cloud Computing, 9(1), 1-13. https://journalofcloudcomputing.springeropen.com/articles/10.1186/s13677-020-0154-7
Kitchen, J. T., Coogan, D. R., & Christian, K. H. (2021). The evolution of legal risks pertaining to patch management and vulnerability management. Duquesne Law Review, 59, 269. https://heinonline.org/hol-cgi-bin/get_pdf.cgi?handle=hein.journals/duqu59&section=15
Mäurer, N., & Schmitt, C. (2019). Towards successful realization of the LDACS cybersecurity architecture: An updated datalink security threat-and-risk analysis. 2019 Integrated Communications, Navigation, and Surveillance Conference (ICNS). https://ieeexplore.ieee.org/abstract/document/8735139/
Prem, S. P., & Reddy, B. I. (2019). Phishing and anti-phishing techniques. International Research Journal of Engineering and Technology, 6(7), 1446-1452. https://www.academia.edu/download/60473049/IRJET-V6I718420190903-94123-1p7iedv.pdf
Selvadurai, N. (2013). Protecting online information privacy in a converged digital environment: the merits of the new Australian privacy principles. Information & Communications Technology Law, 22(3), 299-314. https://www.tandfonline.com/doi/abs/10.1080/13600834.2013.856125
Sun, J., Yao, X., Wang, S., & Wu, Y. (2020). Non-repudiation storage and access control scheme of insurance data based on blockchain in IPFS. IEEE Access, 8, 155145-155155. https://ieeexplore.ieee.org/abstract/document/9174837/
Yu, Z., Zhang, W., & Dai, H. (2017). A trusted architecture for virtual machines on cloud servers with a trusted platform module and certificate authority. Journal of Signal Processing Systems, 86(2-3), 327-336. https://link.springer.com/content/pdf/10.1007/s11265-016-1130-9.pdf
