Case Study 1: ANU Data Breach

The Australian National University (ANU) fell victim to a highly sophisticated cyber-attack that shocked even the most experienced Australian security experts. Cyber attackers accessed sensitive information dating as far back as 19 years. ANU released a detailed incident report on the massive data breach suffered in late 2018. "This report from ANU is an example to everyone else of how to deal with cyberattacks," tweeted Vanessa Teague, associate professor in cybersecurity at the University of Melbourne, on Wednesday.
Read through the incident report and answer the questions based on the case study:

i. Write a summary of some of the follow-up actions taken as a result of the data breach.

1) Identification of the source of the breach and the severity of the breach
2) Informing the task force related to the breach
3) Testing of the organization's security fix
4) Providing information to stakeholders

ii. Consider a scenario of unauthorized access and data breach that compromised a business entity. How would it affect the business? If you were to recommend a preventative system against such attacks, how would you advise your client?

1) It will lead to loss of data
2) It will affect the integrity of the data
3) It can lead to unauthorized manipulation of data

Preventive system
1) Install an intrusion detection system
2) Install devices to filter data
3) Use two-factor authentication for systems
4) Provide access control privileges

Case Study 2: (#1 Channel Nine)

Australian broadcaster Channel Nine was hit by a cyber-attack on 28th March 2021, which rendered the channel unable to air its Sunday news bulletin and several other shows. With the unavailability of internet access at its Sydney headquarters, the attack also interrupted operations at the network's publishing business as some of the publishing tools were also down. Although the channel first claimed that the inconvenience was just due to "technical difficulties", it later confirmed the cyber-attack.

Assume you are hired as a cybersecurity advisor at Channel Nine. Plan your incident response tactics for Channel Nine and describe them in detail.

Tactics are:
1) Preparation for security incidents in advance
2) Detection of potential attacks
3) Designing the mitigation strategies for the attacks

Case Study: Conti Ransomware attacks
Conti is a ransomware variant that was first observed in early 2020. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November 2021. This activity has happened across multiple sectors. Victims have received demands for ransom payments.

i) There has been recent debate about whether Australia's answer to thwart ransomware is good cyber hygiene. Is the Australian regulatory environment for cybersecurity appropriate? Justify your answer.

1) The regulatory environment is not appropriate, as one piece of malware is affecting many organizations and organizations are facing heavy ransom demands. There is no system to track the attackers.

ii. What is Conti ransomware and what are some of the recommendations provided for good ransomware hygiene?

Conti ransomware is a type of malware that encrypts data as well as systems at very high speed.

Recommendations
1) Use access control privileges
2) Use an antivirus system
3) Back up data from time to time

