Discussion week 5: Advanced Persistence Threats

1.One of the biggest risks that companies face is advanced persistent threats. Discuss the most effective way to implement policies that mitigate the chance of an insider either taking part in or facilitating an advanced persistent threat. What policies can help manage the insider threat for an organization’s supply-chain companies, or the organization’s off-shore contractors? Integrate the concept of separation of duties into your discussion. 2.On Feb. 19, 2013 Mandiant released a report alleging that a specific Chinese military unit is behind one of the largest cyber espionage and attack campaigns aimed at American infrastructure and corporations. Public understanding of Advanced Persistent Threats (APT) is weak, attribution remains difficult, and cyberattacks are often dismissed as criminal or peripheral to national security. This carefully-researched report is significant because it convincingly and publicly assigns attribution for ongoing cyber espionage to groups supported by China. By publishing, Mandiant hopes that -- (a) this report will lead to increased understanding and coordinated action in countering APT network breaches; and (b) its resulting exposure and discussion may thwart APT activities. Discuss whether Mendicant’s two desired outcomes above are likely to occur. 3.While the daily news contains a wealth of information about vulnerabilities, threats, and hackers, there are still several national cybersecurity concerns about which little is known by the general public. Electromagnetic pulse (EMP) is described by several experts as a low-probability, high-effect event. First, read the journal article by Dan Dickerson: “No Defense: America’s Growing Vulnerability to an EMP Attack.” Another low-probability, high-effect threat are "Coronal Mass Ejections, more commonly known as Solar Flares. Our own sun goes through an eleven-year Sun Spot cycle, with the next maximum Solar Flare activity predicted to occur between 2013-2014. An "EMP" spike, or either a "Coronal Mass Ejection" magnetic field, can each disrupt or permanently disable power lines and computer circuitry. They can each fry transformers or overheat transistors. When an EMP event, or a Solar Flare, involves enough high energy, the resulting damage to electronic equipment may be so severe that a re-boot or re-start may not be possible. The equipment is trashed. The DOD, and possibly other countries are currently studying design for new energy weapons that can direct EMP against enemy computers. After reading the EMP article, discuss with your classmates your opinion about the likelihood of an EMP attack by an adversary, or the likelihood of a Solar Flare that could permanently damage much of our sensitive electronic infrastructure equipment. Answer these questions: (1) to what degree should US policy makers should be concerned about a high-effect, low-probability EMP attack, or a powerful Solar Weather event? (2) describe measures that may mitigate damage to the US power grid; and (3) measures individuals can take to mitigate the consequences to their personal electronic equipment.