Need a perfect paper? Place your first order and save 5% with this code:   SAVE5NOW
HomeScience › Acme Bank Cyber Security Analysis

Acme Bank Cyber Security Analysis

Identify the TTPs (Tactics, Techniques, and Procedures) used by the attackers.

The attacker in the Acme Bak case was clever and used phishing as a tactic to attack the bank system. This was done by the attractive email they sent to lure an employee to click it, thinking it was a legitimate link. The attacker further used two techniques—watering hole attacks from the illegitimate website they used to deliver and initiate the attack. Also, a compromised email was another technique they used from the phishing email that was disguised as a regular employee email to trick them into clicking it. The attacker used the following detailed procedure to access the bank system:

Email phishing delivery

Deceptive Link clicked

Malware installation

Malware Execution

Malware replication in the network

Data exfiltration

Classify the security control types implemented by Acme Bank as either technical, operational, or managerial controls.

Acme Bank implemented all three control types as shown below;

Technical Controls

Advanced email filtering: Acme implemented this control to filter out malicious emails before they reach the employee’s queue.

Network detection system (NIDS); Acme Bank implemented this to detect unusual network activity within Theban systems and block further activity (IanIndexsy, 2023).

Security patches and updates: this was done by the bank to upgrade its security systems to ensure attackers do not have easy access to computer systems and resources.

Operational Controls

Asset inventory; the bank had to have a clear record of their assets to ensure security is implemented in all of them.

Access control was done by the bank to ensure employees and outsiders had different levels of access to the bank’s system and resources.

Training was done by the bank to ensure knowledge of threats, how to identify them, and their levels of impact.

Response plan: the bank created a clear incident response plan to ensure an attack is responded to faster to minimize risks.

Managerial Controls

Board oversight: Acme Bank improved its oversight of the bank’s board of management, which ensured better decisions were implemented that would improve the bank’s security.

Employing a new security team: Acme Bank employs a dedicated Chief Information Security Officer (CISO) who will oversee the overall security of the bank’s systems, ensure employee training, and hire an appropriate team to work under him.

Discuss the attack surface management that took place. Was it passive discovery or edge discovery surface management?

Edge security surface management was the type of attack surface management that took place in this scenario (Nolle, 2021). The email servers of Ace Bank were strategically positioned at the edge of the computer infrastructure to ensure seamless communication between internal and external systems to ensure focused security.

Describe the methods employed by Acme Bank to reduce the attack surface. Consider asset inventory, access control, patching and updating, network segmentation, removing unnecessary components, and employee training.

Asset Inventory: In order to comprehend and control its attack surface, Acme Bank kept an inventory of its assets.

Employee Training: Employees at Acme Bank received thorough training on how to identify and handle any security risks, such as phishing efforts.

Network Segmentation: Acme Bank separated its network into parts in order to lessen the effects of a possible hack and stop additional access, therefore lowering risks.

Patches and updates: this was done by the bank to upgrade its security systems to ensure attackers do not have easy access to computer systems and resources.

Access control was done by the bank to ensure employees and outsiders have different levels of access to the bank’s system and resources.

References

IanIndexsy. (2023, March 15). What is Network Intrusion Detection System (NIDS)? Sapphire. https://www.sapphire.net/cybersecurity/nids/

Nolle, T. (2021, November 8). Edge computing security risks and how to overcome them. IoT Agenda. https://www.techtarget.com/iotagenda/tip/Edge-computing-security-risks-and-how-to-overcome-them

 

Don't have time to write this essay on your own?
Use our essay writing service and save your time. We guarantee high quality, on-time delivery and 100% confidentiality. All our papers are written from scratch according to your instructions and are plagiarism free.
Place an order

Cite This Work

To export a reference to this article please select a referencing style below:

APA
MLA
Harvard
Vancouver
Chicago
ASA
IEEE
AMA
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard

Related Essays

The Importance of Biodiversity Conservation for Ecosystem Stability

Project Part One Introduction Significance of Biodiversity Conservation: Human activities have predicted the issue of biodiversity conservation to be a critical subject in the whole natural sciences because, through these activities, there is drastic biodiversity reduction. Habitat loss, over-exploitation of resources, unprecedented changes in climate, and pollution are losing biodiversity which holds all indications for ... Read More
Pages: 5       Words: 1232

A Comprehensive Investigation Into Challenges Faced by Individuals With Co-Occurring Disorders in Rural Areas

Introduction The persistent problem of addiction, together with the nature of co-occurring disorders, poses a significant danger to individuals’ lives, especially those living in rural areas. This research proposal addresses the critical void in addiction treatment, providing a comprehensive view of multiple issues that arise from co-occurring disorders among people living in rural communities. The ... Read More
Pages: 5       Words: 1245

Transitioning From a Student to a Nurse

New nurses sometimes find fitting into the new working environment very challenging. This period may be simultaneously characterized by happiness and joy, anxiety, stress, and frustrations. As they struggle to manage the anxiety of getting into the new workstation, employers are ever keen to establish if they can produce the intended results. Sometimes it becomes ... Read More
Pages: 4       Words: 1065

Mental Health and Drug Abuse

The manifestation of mental health and drug abuse has surfaced as an emergent social apprehension in contemporary Australia. Research studies have inferred a significant relationship between psychological maladies and substance dependence, whereby those with mental conditions display higher susceptibility towards drug addiction and vice versa (Saha et al., 2007; Kessler et al., 2011). One theory ... Read More
Pages: 8       Words: 2060

Relationship Between Leisure and Recreation

Introduction In contemporary society, people live in a world of uncertainty and difficult moments where the aspect of nature and the drive of leisure are more complex compared to decades ago. Like culture and art, leisure and recreation have essential role among diverse societies globally. Normally, both activities include persons, groups of individuals, teams, or ... Read More
Pages: 8       Words: 2135

Leadership Qualities of Florence Nightingale

Indeed, the works of Florence Nightingale are well known across the globe. The pioneering work of Florence Nightingale as a nurse during Crimea was actually enormous. Florence Nightingale during the Crimea war improved the healing process of victims during the war. Prior to the Crimea was. Florence Nightingales had already made herself her gifted healthcare ... Read More
Pages: 4       Words: 933
Need a plagiarism free essay written by an educator?
Order it today

Popular Essay Topics