GRANBY COLLEGES OF SCIENCE & TECHNOLOGY

College of Information and Communication Technology

Naic, Cavite, Philippines
Tel: (046) 412-0437

Name: Page | 1 Score:

Year and Section: Date:

CASE STUDY – PRELIMINARY TERM

COMPUTER SECURITY AND INFORMATION ASSURANCE

General Instructions: Read and analyze cybersecurity incidents. Answer the following questions per scenario: Write your
answer on A4 bond paper and set the top, bottom, and side margins of your paper to 1 inch. Copying the answers of
your classmates will result in zero points in the case study. Deadline: March 21, 2024 by 12:00 PM. Please refer to the
Case Analysis Grading Rubric for your reference.

Title 1: A Granby Colleges of Science and Technology Trip to Vancouver, Canada

The Granby Colleges of Science and Technology sent a small team to Vancouver, Canada, to complete the client
project. During their stay, Dr. Mercurio used a debit card at a local ATM. A month after returning to the Philippines, Dr.
Mercurio received an overdraft notice from his bank. They identified fraudulent withdrawals of Php 150,000.00, all
originating from Vancouver, Canada. There was an additional PHP 25,000.00 overdraft fee. Answer the following
statement to resolve the issue:

1. Write an email response to the bank explaining the identified fraudulent withdrawals.
2. Knowing how Dr. Mercurio responded to the email, what would you have done differently?
3. What do you think the cyber-attack that Dr. Mercurio encountered was? Explain.
4. What are some steps you think Dr. Mercurio could have taken to prevent this accident?
5. Is Dr. Mercurio susceptible? How are you going to reduce your risk?

Title 2: GCST finds unwelcome guests in email accounts.

The Granby Colleges of Science and Technology Accounting Department realized that they were victims of wire fraud
when Ms. Gladys received insufficient fund notifications for regularly recurring bills. A review of the accounting records
exposed a serious problem. A few weeks ago, Dr. Mercurio clicked on the link in an email that they thought was from
the Bureau of Internal Revenue (BIR). It wasn’t. Dr. Mercurio entered their credentials, and the cybercriminals captured
Dr. Mercurio’s login information, giving them full access to the school and personal details. Answer the following
statement to resolve the issue:

1. What kind of cyberattacks did Dr. Mercurio encounter? Explain.

2. What are some steps you think Dr. Mercurio could have taken to prevent this accident?
3. Is Dr. Mercurio susceptible? How are you going to reduce your risk?

Title 3: Network Security of GCST

The GCST has 50 networked windows, 25 in a central office, and another 25 in branch schools. Upon the arrival of the
incident response team, they identified that the school had no security protection in place. Dr. Mercutio had no clue as
to what was going on in the network, no security tools, and the perimeter had no intrusion detection system (IDS) or
intrusion prevention system (IPS) in place. All employees are using the Windows mail system, which operates on Office
365 and MS Outlook. The cyber security team identified that the infection started with a phishing email. Answer the
following questions to resolve the issue:
 GRANBY COLLEGES OF SCIENCE & TECHNOLOGY
College of Information and Communication Technology
Naic, Cavite, Philippines
Tel: (046) 412-0437

1. Identify the cause of the security issue above.Page | 2

2. What is some advice you could offer to Dr. Mercurio that could have been taken to prevent this incident?
3. Explain how your business is exposed to this kind of attack.
4. Discuss ways in which you are going to reduce the risk.

Title 4: GCST Insider Threats

Mr. Alan Pascoe is an engineer in the GCST who is responsible for managing software in the GCST’s cloud
infrastructure, holding positions of trust, and engaging in malicious activity. Mr. Pascoe, motivated by personal gain,
decides to leak sensitive school information. Since he has privileges, he intentionally exposes the school credentials on
the internet. As a result, an outsider discovers the exposed credentials and sends an email to the DepEd and Ched,
notifying them of this security breach. What is the most effective way to respond?

1. Who within the school needs to be immediately informed about the incident? And why?
2. How should the school identify the extent of data exposure and the specific information that has been
compromised?
3. What steps should be taken to change school credentials and secure them?
4. Should access to critical servers be temporarily shut down or limited?
5. What procedures can be put in place to prevent insider threats like this in the future?
6. What steps can the school take to bounce back from a security breach and reduce the risks associated with
exposed data?
7. Are there policies and training programs in place to address insider threats and the handling of sensitive data?
8. What is the process for monitoring privileged users' activities and identifying suspicious behavior?

RESEARCH PAPER

Governments, businesses, and individual users are increasingly the targets of cyberattacks and experts predict that
these attacks are likely to increase in the future. Cybersecurity education is a top international priority as high-profile
cyber-security related incidents raise the fear that attacks could threaten the global economy. The Center for
Strategic and International Studies estimates that the cost of cybercrime to the global economy is more than $600
billion annually. In this lab, you will study four high profile cyberattacks and be prepared to discuss the who, what,
why and how of each attack.

Part 1: Choose one topic below and conduct research of high profile cyberattacks.

 Home Depot Security Breach

 United Nations data breach
 Sony Pictures Entertainment Hack

Read the articles found from your topic and be prepared to discuss and share your research on the who, what, when,
where, and why of each attack.

Part 2: Write an analysis of a cyberattack.

1. Who were the victims of the attacks?

2. What technologies and tools were used in the attack?
3. When did the attack happen within the network?
4. What systems were targeted?
5. What was the motivation of the attackers in this case? What did they hope to achieve?
 GRANBY COLLEGES OF SCIENCE & TECHNOLOGY
College of Information and Communication Technology
Naic, Cavite, Philippines
Tel: (046) 412-0437

6. What was the outcome of the attack? (stolenPage

data,| ransom,
3 system damage, etc.)

Case Analysis Grading Rubric (100 Points)

CRITERIA OUTSTANDING ABOVE SATISFACTORY INSUFFICIENT

AVERAGE
Analysis 35 pts Throughout the Throughout most Throughout much Throughout little to
whole work of the work of the work none of the work
 The analysis
examines, 29-35 pts 22-28 pts 15-21 pts 0-7 pts
summarizes, and
integrates issue(s) to
reveal insight.
 evidence is well
organized with smooth
transitions

Support 35 pts Throughout the Throughout most Throughout much Throughout little to
whole work of the work of the work none of the work
 the analysis
incorporates required 29-35 pts 22-28 pts 15-21 pts 0-7 pts
and additional
resources, when
necessary.

Conclusions 20 pts Throughout the Throughout most Throughout a Throughout little to

whole work, of the work, much of the work, none of the work,
 logically elaborate conclusions conclusions conclusions conclusions
inquiry findings
 demonstrate relevant 17-20 pts 13-16 pts 9-12 pts 0-3 pts
and wide-ranging
research that supports
analytical reasoning in
response to case
study questions

Mechanics and Style 10 pts Throughout the Throughout most Throughout a Throughout little to
whole work, text of the work, text much of the work, none of the work,
• demonstrates good writing skill. text text
9-10 pts 7-8 pts
• is free of major errors in spelling, 5-6 pts 0-2 pts
syntax, and citation (where
applicable)

• is clear and concise

• demonstrates strong word choice

and sentence variety
GRANBY COLLEGES OF SCIENCE & TECHNOLOGY
College of Information and Communication Technology
Naic, Cavite, Philippines
Tel: (046) 412-0437

Page | 4