Cyberattacks
A cybersecurity threat is any malicious act that seeks to damage, disrupt or steal data or digital systems. A cyber-attack is an assault launched from one or more computers against other computers or networks. Such attacks can steal data, disable computers, or turn a breached computer into a launch point for further attacks. Examples of cyber-attacks include denial-of-service attacks, data breaches and computer viruses. The most common types of attack are malware, phishing and man-in-the-middle attacks.
According to the MITRE ATT&CK framework, the tactics adversaries use in perpetrating an attack include the following (The MITRE Corporation). One, persistence: any action, access or configuration change to a system that gives an adversary a persistent presence on it. Two, defense evasion: the tactic an adversary uses to evade detection. Three, discovery: techniques that allow an adversary to acquire knowledge about a system and its internal networks. Four, credential access: a tactic used within an enterprise environment that results in control over, or access to, system, service or domain credentials.
Approaches
The different approaches attackers use in conducting cyber-attacks are classified under each tactic. For example, under persistence, attackers use techniques such as DLL search order hijacking, which takes advantage of the way Windows locates DLLs to load malicious code into a clean and legitimate process (Strom, Blake E., et al.). Under defense evasion, attackers use techniques such as binary padding, which changes the checksum of a file to avoid hash-based anti-virus signatures, and code signing, which is a method of adding a digital signature to a file, executable, program or software update to enable verification of its integrity and authenticity.
Under the discovery tactic, the techniques used include account discovery and application window discovery, in which adversaries attempt to obtain a list of open application windows to learn how the system is used or to gain context for the information they have collected (Strom, Blake E., et al.). Under the credential access tactic, the techniques used include brute force, in which the attacker submits many passwords or passphrases in order to guess the correct one, and credential dumping, in which the attacker extracts (dumps) user authentication credentials such as usernames and passwords from the targeted computer so as to re-enter it at will.
Detection and mitigation
Strategies used to mitigate persistence include application whitelisting to prevent malicious software and unapproved programs from running, patching operating system vulnerabilities, and restricting administrative privileges for applications and operating systems according to each user's duties. To mitigate defense evasion, all pods should be monitored and an anti-evasion malware detection technique applied that tricks the malware into attacking itself (Choi, Seungoh, et al.). To mitigate code signing, binary and application integrity is enforced through digital signature verification so that untrusted code is prevented from executing. Credential access is mitigated by using capabilities that prevent adversaries from successfully accessing credentials, including blocking all forms of credential dumping.
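The two persistence mitigations above, whitelisting of approved programs and restricting administrative privileges by duty, can be combined in one deny-by-default check. The following is an added example written for this page, not code from MITRE or any cited paper; the binaries, hashes and roles are constructed stand-ins, and real allowlisting would key on the hash (or signature) of the actual executable file.

```python
import hashlib

# Constructed stand-ins for the bytes of two approved executables.
APPROVED_EDITOR = b"approved-editor-v1"
APPROVED_DISK_TOOL = b"approved-disk-tool-v1"


def sha256(data: bytes) -> str:
    """Hex SHA-256 of a binary's contents; the allowlist is keyed on this."""
    return hashlib.sha256(data).hexdigest()


# Allowlist: hash -> program name and the roles permitted to run it.
# Anything not listed here is denied by default.
ALLOWLIST = {
    sha256(APPROVED_EDITOR): {"name": "editor", "roles": {"user", "admin"}},
    sha256(APPROVED_DISK_TOOL): {"name": "disk-tool", "roles": {"admin"}},
}


def execution_decision(binary: bytes, role: str, allowlist=ALLOWLIST):
    """Return ("allow", name) or ("deny", reason).

    Two independent gates: the binary must be a known, approved hash, and the
    caller's role must be one the entry permits (least privilege by duty).
    """
    entry = allowlist.get(sha256(binary))
    if entry is None:
        # Unknown or modified binary: a changed checksum never helps an
        # attacker here, because unlisted hashes are denied, not ignored.
        return ("deny", "hash not on allowlist")
    if role not in entry["roles"]:
        return ("deny", f"role '{role}' may not run {entry['name']}")
    return ("allow", entry["name"])


if __name__ == "__main__":
    for binary, role in [
        (APPROVED_EDITOR, "user"),
        (APPROVED_DISK_TOOL, "user"),
        (APPROVED_DISK_TOOL, "admin"),
        (b"unapproved-program", "admin"),
        (APPROVED_EDITOR + b"\x00", "user"),  # same program with bytes appended
    ]:
        print(role, execution_decision(binary, role))
```

The last case in the usage block is the one the defense evasion paragraph motivates: appending bytes changes the file's hash, which defeats a hash-based denylist signature but makes no difference to an allowlist, where an unrecognised hash is simply refused.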
In general, detecting threats involves a series of steps. One, know the firm's network by auditing the devices connected to it to determine whether they are authorized or unauthorized. Two, keep monitoring the firm's network by collecting log and event data from devices and correlating the data across multiple devices; this helps to identify patterns that may indicate malicious activity. Three, have a plan and a process for how to perform these activities and how to react to what they reveal. Four, automate as much as possible so that human error is minimized and a consistent process is maintained over time. Five, put in place a management team with a strong human component.
References
The MITRE Corporation, www.mitre.org/sites/default/files/publications/16-3713-finding-cyber-threats%20with%20att%26ck-based-analytics.pdf.
Strom, Blake E., et al. “Mitre att&ck: Design and philosophy.” Technical report (2018).
Strom, Blake E., et al. “Finding cyber threats with ATT&CK-based analytics.” The MITRE Corporation, Bedford, MA, Technical Report No. MTR170202 (2017).
Choi, Seungoh, et al. “Expansion of ICS Testbed for Security Validation based on MITRE ATT&CK Techniques.” 13th USENIX Workshop on Cyber Security Experimentation and Test (CSET 20). 2020.