Need a perfect paper? Place your first order and save 5% with this code:   SAVE5NOW
HomeScience › Acme Bank Cyber Security Analysis

Acme Bank Cyber Security Analysis

Identify the TTPs (Tactics, Techniques, and Procedures) used by the attackers.

The attacker in the Acme Bak case was clever and used phishing as a tactic to attack the bank system. This was done by the attractive email they sent to lure an employee to click it, thinking it was a legitimate link. The attacker further used two techniques—watering hole attacks from the illegitimate website they used to deliver and initiate the attack. Also, a compromised email was another technique they used from the phishing email that was disguised as a regular employee email to trick them into clicking it. The attacker used the following detailed procedure to access the bank system:

Email phishing delivery

Deceptive Link clicked

Malware installation

Malware Execution

Malware replication in the network

Data exfiltration

Classify the security control types implemented by Acme Bank as either technical, operational, or managerial controls.

Acme Bank implemented all three control types as shown below;

Technical Controls

Advanced email filtering: Acme implemented this control to filter out malicious emails before they reach the employee’s queue.

Network detection system (NIDS); Acme Bank implemented this to detect unusual network activity within Theban systems and block further activity (IanIndexsy, 2023).

Security patches and updates: this was done by the bank to upgrade its security systems to ensure attackers do not have easy access to computer systems and resources.

Operational Controls

Asset inventory; the bank had to have a clear record of their assets to ensure security is implemented in all of them.

Access control was done by the bank to ensure employees and outsiders had different levels of access to the bank’s system and resources.

Training was done by the bank to ensure knowledge of threats, how to identify them, and their levels of impact.

Response plan: the bank created a clear incident response plan to ensure an attack is responded to faster to minimize risks.

Managerial Controls

Board oversight: Acme Bank improved its oversight of the bank’s board of management, which ensured better decisions were implemented that would improve the bank’s security.

Employing a new security team: Acme Bank employs a dedicated Chief Information Security Officer (CISO) who will oversee the overall security of the bank’s systems, ensure employee training, and hire an appropriate team to work under him.

Discuss the attack surface management that took place. Was it passive discovery or edge discovery surface management?

Edge security surface management was the type of attack surface management that took place in this scenario (Nolle, 2021). The email servers of Ace Bank were strategically positioned at the edge of the computer infrastructure to ensure seamless communication between internal and external systems to ensure focused security.

Describe the methods employed by Acme Bank to reduce the attack surface. Consider asset inventory, access control, patching and updating, network segmentation, removing unnecessary components, and employee training.

Asset Inventory: In order to comprehend and control its attack surface, Acme Bank kept an inventory of its assets.

Employee Training: Employees at Acme Bank received thorough training on how to identify and handle any security risks, such as phishing efforts.

Network Segmentation: Acme Bank separated its network into parts in order to lessen the effects of a possible hack and stop additional access, therefore lowering risks.

Patches and updates: this was done by the bank to upgrade its security systems to ensure attackers do not have easy access to computer systems and resources.

Access control was done by the bank to ensure employees and outsiders have different levels of access to the bank’s system and resources.

References

IanIndexsy. (2023, March 15). What is Network Intrusion Detection System (NIDS)? Sapphire. https://www.sapphire.net/cybersecurity/nids/

Nolle, T. (2021, November 8). Edge computing security risks and how to overcome them. IoT Agenda. https://www.techtarget.com/iotagenda/tip/Edge-computing-security-risks-and-how-to-overcome-them

 

Don't have time to write this essay on your own?
Use our essay writing service and save your time. We guarantee high quality, on-time delivery and 100% confidentiality. All our papers are written from scratch according to your instructions and are plagiarism free.
Place an order

Cite This Work

To export a reference to this article please select a referencing style below:

APA
MLA
Harvard
Vancouver
Chicago
ASA
IEEE
AMA
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard

Related Essays

Risk Management in Elderly Care

Risk management is a crucial part of any organization as it aids businesses in identifying and dealing with possible future risks before they occur. The interview was conducted in an assisted living facility, and the interviewee was the head of the risk management program in the medical facility. From the interview, the risk management head ... Read More
Pages: 5       Words: 1238

Evidence-Based Practice: Catheter-Associated Urinary Tract Infection (CAUTI)

The Clinical Issue The hospital has been experiencing higher cases of Catheter-Associated Urinary Tract Infection (CAUTI). A urinary tube called a catheter that has been implanted to drain urine from the bladder is responsible for causing a urinary tract infection called Catheter-Associated Urinary Tract Infection. According to the internal hospital reports, approximately one person for ... Read More
Pages: 7       Words: 1897

Diabetes: A Review of Literature and Implications for Nutrition Practice

Introduction Diabetes is a complicated metabolic illness that presents serious difficulties for both patients and medical personnel. There is much knowledge about the genesis, treatment, and prevention of diabetes in the literature. This article attempts to thoroughly assess the existing knowledge on diabetes by synthesizing the prescribed readings and carrying out further research. The details ... Read More
Pages: 4       Words: 1098

Three Detrimental Effects of Drugs on Society

Introduction The use of illicit drugs has been on the rise in recent years, with severe consequences for society. Drug abuse can lead to crime, violence, and death and damage communities’ economy and social fabric. According to the National Survey on Drug Use and Health, the percentage of Americans aged 12 and over who used ... Read More
Pages: 4       Words: 1067

Medication Errors Within Healthcare Facilities

The key characteristics of a healthcare organization provide a fundamental framework essential for its quality outcomes, success, and effectiveness. The solid relationship between quality outcomes and healthcare reimbursement has become increasingly critical within the healthcare organization as it remarkably facilitates the organization’s reputation, client attraction, and negotiation of favorable reimbursement contracts with payers. Equally important, ... Read More
Pages: 4       Words: 828

AI Ethics and the Market

Introduction The advent of artificial intelligence (AI) technology has revolutionized the way we interact with the world around us. AI is becoming increasingly integrated into our lives, from self-driving cars to voice-activated home assistants. One of the most recent AI developments is ChatGPT, AI software that can understand and generate texts and creative academic summaries ... Read More
Pages: 6       Words: 1479
Need a plagiarism free essay written by an educator?
Order it today

Popular Essay Topics