Deep Blue Robotics (DBR) is a technology and manufacturing firm located in Australia. DBR specializes in autonomous underwater robots that are used in a variety of research, exploration, and offshore oil operations. Until recently, the company was relatively unknown outside of the marine robotics market.
Last year, DBR entered the international spotlight with two major announcements. A new prototype was shown at an international tradeshow. Industry analysts have claimed it is the most advanced system yet and at least 5 years ahead of the competition. DBR also landed two major contracts with foreign state-run offshore oil operations.
DBR is a small company with a head office housing approximately 40 employees and a manufacturing site with 20 employees approximately 20 kilometers away. All servers, including a web server, an email server, and a file server containing code and design specifications reside in a small server room at the head office. The offices are connected via a virtual private network (VPN) over fiber optic connections.
DBR has daily backups that are taken to a secure site by courier. DBR’s workstations and servers are a mix of Microsoft Windows and Linux operating systems. The workstations run a local virus scanner. A small IT staff of three maintains all the systems and the network.
YOUR ROLE
The chief executive officer (CEO) of DBR has recently been talking to a number of vendors about cybersecurity. DBR’s board has agreed that the organization needs to increase its cybersecurity capabilities, but would like a threat and vulnerability assessment before committing any additional funds. You have been hired as an external security consultant to perform a threat and vulnerability assessment.
This case exercise was developed to support the Cybersecurity Student Book.
Q1. DBR may face a variety of threats of varying levels, ranging from basic malware such as viruses and worms to targeted, state-sponsored attacks known as Advanced Persistent Threats (APTs). The CEO of DBR is now worried that, since the company has entered international activities such as offshore oil drilling, environmental "hacktivists" may be upset with it. The CEO is also very interested in learning more about the term APT. APT attacks target organizations in sectors with high-value information, such as national defense, manufacturing, and the financial industry. In an Advanced Persistent Threat, the attacker must continually rewrite code and use sophisticated evasion techniques in order to maintain continuous access without discovery.
Some APTs are so complex that they require a full-time administrator. Mobile apps have become the primary driver of compromise for an organization. The lack of security considerations around mobile applications makes them the most vulnerable avenue of attack for an organization. Mobile continues to be among the most disruptive trends affecting the technology landscape today. The rapid development cycle and lack of security considerations around mobile applications make them a viable target for cybercriminals and hackers looking for a way into the enterprise.
Unpatched devices are network devices, such as switches, servers, and printers, that use software or firmware in their operation. A device that has been left unpatched may be vulnerable to attackers who are waiting to gain entry into the organization and wreak havoc by stealing its valuable information.
Corporate espionage aims to steal intellectual property. In this case, a person inside the organization poses a great threat because they know the organization to a certain degree. Network security is usually focused on monitoring threats from external sources, and so ends up not paying attention to, or anticipating, the threats that may arise from within.
Hacktivism is politically motivated hacking, a constructive form of anarchic civil disobedience. Some hacktivists have engaged in DoS (Denial of Service) attacks. A Denial of Service attack disrupts the network to suspend services, so that its users are disconnected from the Internet for a short period of time.
Q2. Threats can be classified into various types depending on the nature of the attacks made by an attacker. Different information assets may be of interest to different kinds of attackers, depending on their needs. Attackers are formally known as "threat actors". They vary greatly in ability and motivation.
Explanation of threats, capabilities and intent:
1. Script kiddie threats: These usually come from unsophisticated attackers and are very common. Anyone who accesses the Internet may be vulnerable to such attacks. These attackers use tools and techniques that are readily available on the Internet. They also do not have a strong motive, and their actions are not well planned. They simply wait to seize an opportunity that comes their way.
2. Threats from hackers: These usually come from sophisticated attackers. They have command of their skills and knowledge. They can use the tools and techniques, and often have access to the sophisticated tools required to attack the target environment. Often their goal in such attacks is financial gain.
3. Corporate espionage: This threat comes from an insider. While we are busy planning defenses against outside attackers, we tend to neglect the prevention of attacks by an insider of the organization, because that is least anticipated. While insiders may not have the same level of sophistication as other groups, they already have some access to network systems and information assets.
Q3. Threats:
1. Threats from the theft of intellectual property: This is of prime concern because such thefts may lead to the downfall of an organization. It is well known that Deep Blue Robotics is 5 years ahead in technology compared with its competitors. Since most people are aware of this, such threats may come from many sides. Also, stealing intellectual property is cheap. For DBR to protect itself from this threat, it needs to follow the guidelines provided by associations such as NCPA (National Crime Prevention Associations).
2. APTs: The next most threatening attack could come from Advanced Persistent Threats. Since the organization has not used any advanced tools and technologies against attacks, it may not take attackers much effort to get into the enterprise network and hide themselves from being noticed. In the case of an APT, the attacker's aim is to enter the system illegitimately and remain in the network for a longer period of time. Because they remain for a very long time, they usually end up succeeding in their objective. They are very shrewd, using every means to keep themselves in the network. They keep coding and recoding their programs to remain unidentified. If DBR is attacked by a threat such as an APT, it could ruin the entire organization by leaking all of the confidential information that its competitors are eager to obtain.
Q4. As Chief Information Security Officer (CISO), it is their duty to ensure information is secure. They need to keep abreast of information about cybercriminals, check off a growing list of compliance boxes, and monitor and keep a close watch on the security practices of their partners and employees.
Along with this, it would require an in-depth understanding of organizational threats and vulnerabilities, as well as current threats and the best policies and technologies that would help address them. Only after understanding these can an organization effectively plan and spend an appropriate amount of money on implementing the right technology and strategy.
A vulnerability is something that can be exploited by a threat. It is defined as a weakness in an information system, system security procedures, internal controls or implementation that could be exploited by a threat source. Example: if a program has a security flaw, that flaw is a vulnerability.
Assessing threats and vulnerabilities is an important step in the overall process of risk assessment and management. There are three different approaches, depending on the organization's preference:
1. Threats and vulnerabilities are then analyzed based on assets.
2. Threat-based assessment: Potential threats are identified, followed by an analysis of assets and vulnerabilities.
3. Vulnerability-based assessment: Vulnerabilities are identified first and then tied to the information assets. Finally, threats to those vulnerabilities and assets are determined.
Threats and vulnerabilities can be assigned qualitative values, a quantitative score, or a combination of both.
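The three approaches and the combined qualitative and quantitative scoring can be sketched as one small risk register, grouped by a different starting point for each approach. This is an added example, not part of the original answer: the asset, threat and vulnerability names are taken from the case text, while the likelihood and impact ratings, the 1 to 3 weights and the rating bands are assumptions made for illustration.

```python
from collections import defaultdict

LEVELS = {"low": 1, "medium": 2, "high": 3}  # qualitative value -> assumed weight

# Constructed register: names come from the case text, ratings are assumed.
# (asset, threat, vulnerability, likelihood, impact)
REGISTER = [
    ("file server", "APT", "antivirus-only detection", "medium", "high"),
    ("file server", "insider espionage", "existing internal access", "medium", "high"),
    ("web server", "hacktivist DoS", "single server room", "high", "medium"),
    ("web server", "script kiddie", "unpatched devices", "high", "low"),
    ("email server", "hacker", "unpatched devices", "medium", "medium"),
]

FIELD = {"asset": 0, "threat": 1, "vulnerability": 2}


def score(entry):
    """Quantitative score: likelihood weight times impact weight (1..9)."""
    return LEVELS[entry[3]] * LEVELS[entry[4]]


def rating(value):
    """Map a 1..9 score back to a qualitative band (assumed cut-offs)."""
    if value >= 6:
        return "high"
    return "medium" if value >= 3 else "low"


def assess(register, approach):
    """Group the register by the approach's starting point and rank the groups.

    approach is "asset", "threat" or "vulnerability". Each group is ranked by
    its worst entry, then by its total score, then by name, so the first group
    is where that style of assessment would start.
    """
    groups = defaultdict(list)
    for entry in register:
        groups[entry[FIELD[approach]]].append(entry)
    ranked = []
    for key, entries in groups.items():
        scores = [score(e) for e in entries]
        ranked.append((key, max(scores), sum(scores), rating(max(scores))))
    return sorted(ranked, key=lambda g: (-g[1], -g[2], g[0]))


if __name__ == "__main__":
    for approach in FIELD:
        print(approach, assess(REGISTER, approach))
```

The same five entries produce a different priority list under each approach: grouped by asset the file server comes first, while grouped by vulnerability the shared "unpatched devices" weakness is visible as one item affecting two servers.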
Q5. Facts:
• DBR has now entered the global market to compete with organizations involved in similar kinds of work, such as research, exploration, offshore oil rigging operations, etc.
• Its technology is said to be the most advanced and is five years ahead of the competition.
• Landed 2 major contracts with foreign state-run offshore oil operations.
• Many adversaries, in the form of competitors, waiting to obtain the information that is most valuable to DBR.
DBR from the IT and network security front:
• All servers, including a web server, an email server and a file server containing code and design specifications, are housed together in a small server room. This means all the eggs are in one basket.
• Servers are a mix of Microsoft Windows and Linux operating systems.
• The workstations run a local virus scanner.