Individual Assignment #3 Instructions: Hacker Culture and Mitigation
Course Objective: Examine hacker culture and related psychological and cultural aspects of cybersecurity from both the malicious actor and user’s perspectives.
Competencies: Critical thinking, communication skills
Each student may choose one of the following organizations (e.g., a private company or a government agency), attack, or perpetrator and should identify a significant past incident in cybercrime or cyberwarfare related to it. The student will fully discuss the specifics of the cyber incident and analyze the motivation of the threat actors/attackers. Analyze the possible motivations of those who worked to defend assets against disruption, and describe motivations of any possible third-parties that may also have been involved. The student will also suggest methods for the organization to discourage hackers or intruders with similar motives and suggest management, policy or technology controls to protect the organization against similar attacks.
Organizations, Attacks, and Perpetrators:
Home Depot
Target
Sony
Office of Personnel Management
Saudi Aramco
Turbo Tax
NASA
Operation Aurora
US Bureau of Justice Statistics
Stuxnet and Flame (US Government?)
Dupont Chemical
Boeing
Johnson &Johnson
Pfizer
4Chan
Tricare Medical
Opi Israel
Sony
News of the World
Motorola
Omega Engineering
Syrian Electronic Army
Njrat
The Jester
Blue Army
Project Chanology
The Estonian Cyberwar
Shamoon (Iran?)
Your paper should describe the type of incident and the actors: personalities, motivations, and other contributing cultural or psychological characteristics. You will find Module “Psychological Aspects of Cybersecurity” helpful with this assignment. Link your analysis to previous readings, interactive modules, and discussion topics, with appropriate citations.
?
At a minimum, the questions you must address are listed below:
a. What descriptive labels might apply to this type of threat/incident?
b. Regarding the threat actors:
What sort of people would go after this information?
Why would they want it?
What will/can they do with it?
How would they get it?
How would potential attackers be identified?
c. How would the organization try to discourage, or reduce the incentives that could attract possible threat actors?
d. How would the organization protect against, or reduce damaging effects due to attempted attacks?
Length 5-7 pages, due at the end of Week 8.
Prepare your paper in Word format. It should be double-spaced with one-inch margins all around. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines.
Papers must include: cover page, table of contents, introduction, section headings and subheadings, conclusions, APA compliant in-text citations and list of references, and page numbers. The page count begins with the introduction and ends with the conclusions. The questions asked in the assignment should first be outlined (the outline is not included in the document), then the outline should be used to create the Table of Contents and the document sub-headings. The Introduction should briefly preview each sub-heading in the document.
