INSTRUCTIONS

PART 1 - Analyse a cybersecurity vulnerability or incident (upload 1 pdf file with the report to Moodle)

Information on security problems, weaknesses and attacks can be found in many places (blogs, newsletters,    experts' pages, etc.). Your task is to pick one item only from the following list (additional other sources can be   added, but need to cover the same vulnerability/incident), read the news item, look up and read the referenced sources, and finally write a report on the findings.

Hospital (updated: 06/10/2023)

●    https://www.techbusinessnews.com.au/news/almost-200-royal-womens-hospital-p atients-details-potentially-exposed-in-data-leak/

Government Agencies (updated: 26/06/2023)

●    https://www.theguardian.com/australia-news/2023/jun/26/hwl-ebsworth-hack-sensit ive-information-from-dozens-of-government-agencies-may-be-compromised

Spyware (updated: 18/04/2023)

●    https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/

Keyless Car Theft (updated: 08/04/2023)

●    https://arstechnica.com/information-technology/2023/04/crooks-are-stealing-cars-u sing-previously-unknown-keyless-can-injection-attacks/

Windows Bug (updated: 21/03/2023)

●    https://www.bleepingcomputer.com/news/microsoft/windows-11-snipping-tool-priv acy-bug-exposes-cropped-image-content/

Finance Firm (updated: 16/03/2023)

●    https://www.canberratimes.com.au/story/8123271/finance-firm-gives-cyber-hacker s-too-much-latitude/

Ransomware (updated: 11/03/2023)

●    https://techcrunch.com/2023/03/22/fortra-goanywhere-ransomware-attack/

Malware (updated: 10/03/2023)

●    https://arstechnica.com/information-technology/2023/03/malware-infecting-widely- used-security-appliance-survives-firmware-updates/

Follow the following steps to write your report

1.    Choose one of the 8 news items above, read the text.

2.    Look up and read the articles and information referenced in the news item.

3.    Write a short summary of the news item in your own words (max 200 words).

4.    Identify which software, hardware or system is affected (max 100 words). The identification should be as precise as possible. Include exact product names, distribution of the product, version numbers, etc.

5.    Describe how the problem was discovered and how it was initially published. Try to find this information in the referenced articles. The problem might have been found by researchers at a university, by a

professional security company, by some hacker, published in a scientific conference/journal, in a

newspaper on a blog, etc. Was it the result of targeted research, found by chance, were any tools used, etc? (write 100-150 words)

6.    Discuss how serious the issue/weakness/attack is, describe what is necessary to exploit the weakness, evaluate what the consequences might be if it is exploited, and what reactions you think

7.    are necessary/useful on (i) a technical level, (ii) in terms of human behaviour, and (iii) on a policy level (between 200 and 350 words).

8.    Use APA 7th referencing style.

9.    Create a pdf file and upload it to Moodle.

Part 2 - Security controls in an IT network of a medium sized company with automated production of vacuum cleaners (upload 1 pdf file with the slides and 1 video with your presentation to Moodle)

For this task you take on the role of a security architect (as defined in the NIST NICE workforce framework) You   are responsible for a re-design of a company network, including placing security controls in the right places of the network. As security always costs money, you need to prepare a presentation that explains to the management    of the company why each security control is required at that particular part of the company network.

The company has several departments, but the focus is on three network areas:

●    Production with automated machines controlled from PCs connected to the network. Production runs 24/7 and outages would be very expensive for the company. The company is very modern and

customers can design their own colour combinations and specifications for their vacuum cleaner. Thus,

data needs to frequently (every 6 hours) be transferred to the PCs controlling the machines.

●    Outward facing servers including a web server that is used for marketing and online sales and the company’s  mail server.

●    Administration with PCs and laptops, a server running administration software and databases, wireless printers and Wifi for meeting rooms and general office areas. Employees also travel with their laptops   and need to access the administrative network, but not the production area.

You have a list of security controls to be used and a number of entities that need to be connected in the internal   network. Depending on the role of the entity, you need to decide how they need to be protected from internal and external adversaries.

Entities to be connected:

●   PCs to control production machines

●   Production machines themselves

●   Employee PCs and laptops for administration

●    Server for administration and internal databases

●    Wireless printer and scanner for administration use

●   Authentication server