Discuss the nature of the attacker

Discuss the nature of the attacker

Software Engineering
Part of the responsibilities of a practising security engineer is to stay abreast of developments in the eld, and to maintain awareness of emerging threats, vulnerabilities and response capabilities. The aim of this assignment is to demonstrate that you have begun to develop such an awareness, have assimilated the ideas of the course and understand how they apply to particular scenarios.

Write a report of around 1,500 words that discusses a major issue in security engineering that that was illustrated by actual events that occurred during this session, and which were reported in the popular or trade/technical press during that time. In your report, you should do the following:

Give a description of the facts of the case, in your own words. Preferably, you should draw on multiple sources of information. You should attempt to provide more detail on the details of the incident than is reported in the popular press, by using more technical sources that that take up discussion of the incident and go into technical details. Cite your sources.

Relate the facts of the case to any relevant aspects of security engineering discussed in class. For example, discuss the nature of the attacker, their motivations, the nature of the vulnerability that they exploited, the assets attacked, the consequences of the attack and any defensive actions that were taken in response to the attack.

Reflect on what can be learned from this attack. If you were hired as a security consultant to the organisation involved in this case, what specic recommendations would you make? Are there any lessons for the eld more generally in this incident?