
It seems that hardly a week goes by without at least one report of a major compu

ID: 3585369 • Letter: I

Question

It seems that hardly a week goes by without at least one report of a major computer security breach at a company or a government agency. There have been numerous attacks perpetrated on many Windows-based computers using various methods and techniques.

Research a recent attack that has exploited a Windows vulnerability. Address the following questions in your post:

1) Describe the nature of the attack. What exactly happened?

2) Identify what specific Windows or application vulnerability was exploited.

3) How was the security breach mitigation handled by the "victim"?

4) If you were a security administrator responsible for handling a response to the incident, what, if anything, would you do differently?

Explanation / Answer

It is true that there have been numerous attacks perpetrated on many Windows-based computers using various methods and techniques. Recently there have been many attacks that have exploited Windows vulnerabilities, like ransomware, zero-day exploits, etc. Let us learn about one of the recent attacks.

1. There was an attack in the middle of 2017, called a ransomware attack, which was much more effective than the previous WannaCry attack.

2. Due to this attack, there was a great effect across multiple organizations, like the Russian Central Bank, the Ukrainian International Airport, etc.

3. This malware uses low-level encryption in which the hard drive itself is encrypted.

4. Because of this, it is more difficult, because the disks have to be formatted before the operating system is reinstalled, and it is time-consuming.

5. The victims should handle the security breach mitigation by doing strategic patch management, compliance and policy enforcement.

6. Patching should be done with due care and attention. We should ensure the product being patched has full support from the product vendor.

7. It is important to assign internal criticality ratings to vulnerabilities and assess the likelihood of exploitation in order to ensure high-priority and immediately vulnerable systems are patched quickly, and this helps to prevent threats from affecting the organization.

8. Patch management should also include updating operating systems. If operating systems which are not supported by vendors (i.e., older OSes) are in use, they will give attackers the chance to gain wider networks (especially in organisations).

9. The breach mitigation strategy should also be carried out by the end users, because they may be attacked easily, since phishing and social networking attacks are simple. So there should be awareness among them.

10. In order to avoid these attacks, organizations should employ a stable upgrade and maintenance cycle to get rid of cyber threats.

11. We should use a vulnerability scanner to detect vulnerable systems and applications.

12. If we were the security administrator responsible for handling the incident, we would do the same, and nothing is possible other than that process. If possible, we should take precautions beforehand to avoid the malware attack.

Hope this answer helps. Thank you.
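
An added example, not part of the original answer: one way to turn points 7, 8 and 11 into a patch queue, ordering scanner findings by internal criticality rating times likelihood of exploitation and separating out products the vendor no longer supports. The `Finding` fields, the 1-5 scales, the host names and the sample findings are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed 1-5 scales; an organization would define its own ratings.
@dataclass(frozen=True)
class Finding:
    host: str
    issue: str
    criticality: int        # internal criticality rating of the vulnerability, 1 (low) to 5 (high)
    likelihood: int         # assessed likelihood of exploitation, 1 to 5
    vendor_supported: bool  # False when the OS/product no longer receives patches

def triage(findings):
    """Split scanner findings into a patch queue and an upgrade list.

    Supported products are ordered by criticality * likelihood (highest first).
    Unsupported products cannot be fixed by patching, so they are listed
    separately for upgrade or isolation.
    """
    for f in findings:
        if not (1 <= f.criticality <= 5 and 1 <= f.likelihood <= 5):
            raise ValueError(f"rating out of range for {f.host}: {f}")
    patch_queue = sorted(
        (f for f in findings if f.vendor_supported),
        key=lambda f: (-(f.criticality * f.likelihood), -f.criticality, f.host),
    )
    upgrade_list = sorted(
        (f for f in findings if not f.vendor_supported),
        key=lambda f: (-f.criticality, f.host),
    )
    return patch_queue, upgrade_list

# Constructed sample findings, as a vulnerability scanner export might be summarized.
SAMPLE = [
    Finding("hr-laptop-07", "missing OS security update", 2, 4, True),
    Finding("file-srv-01", "missing OS security update", 5, 4, True),
    Finding("kiosk-03", "end-of-life operating system", 3, 5, False),
    Finding("build-agent-2", "outdated application", 3, 2, True),
    Finding("db-srv-02", "missing OS security update", 5, 2, True),
]

if __name__ == "__main__":
    queue, upgrades = triage(SAMPLE)
    for f in queue:
        print(f"PATCH   score={f.criticality * f.likelihood:2d} {f.host}: {f.issue}")
    for f in upgrades:
        print(f"UPGRADE crit={f.criticality} {f.host}: {f.issue}")
```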
