Students must identify three recent data security attacks and, in items 4 and 5 of the Deliverables section, thoroughly describe each attack, including:
- Type of the attack.
- What asset(s) have been impacted by the attack.
- Identify both the victim(s) and the attacker’s target(s).
- Attack data timestamp (where and when this attack happened?).
- What are the vulnerability/vulnerabilities that led to the attack?
- What is the threat(s) that the vulnerability/vulnerabilities would impose on the victim and their asset?
- Identify which security components have been compromised by the attack.
- What are the attack implications or consequences?
- What security controls or mitigations were implemented/suggested for each of those attacks?.
Useful URLs:
- https://purplesec.us/security-insights/data-breaches/#Breaches
- https://www.fortinet.com/resources/cyberglossary/recent-cyber-attacks
- https://portswigger.net/daily-swig/cyber-attacks
- https://konbriefing.com/en-topics/cyber-attacks.html
Deliverables:
A full and comprehensive report in PDF format (Template) of not less than 2500 words detailing the findings of each of the three attacks, as per the requirements provided. You should use your own words to document your report and properly cite any used resources in your report. Make sure to demonstrate your understanding by using all the terminologies introduced in the course so far.
A suggested report structure is as follows (items 4 and 5 will be repeated for each of the three attacks):
- Introduction: Briefly explain the purpose and importance of the assignment. In your own words, provide an overview of the 3-5 key course concepts that struck you the most.
- Background: Define key terminologies introduced in the course (e.g., victim, target, breach, asset, threat, vulnerabilities). Explain the significance of understanding these terminologies in analyzing data security attacks
- Methodology: Describe the approach used to find a recent data security attack. Explain the selection criteria for choosing the three specific attacks to analyze
- Description of the Attack: Provide a comprehensive overview of the selected data security attack. Utilize the terminologies introduced in the course up to week 5 to describe the attack in detail. Discuss the target of the attack, the breach that occurred, and the assets affected as per the requirements above.
- Analysis of the Attack: Identify and describe what was leaked or compromised during the attack. Discuss the timestamps associated with the attack data, if available. Categorize the type of attack based on the provided mindmap or course materials.