Individual Assignment 3 - due Saturday, 25 March 17

Individual Assignment #3 Instructions:  Hacker Culture and MitigationCourse Objective:  Examine hacker culture and related psychological and cultural aspects of cybersecurity from both the malicious actor and user's perspectives.

Competencies:  Critical thinking, communication skills

Each student may choose one of the following organizations (e.g., a private company or a government agency), attack, or perpetrator and should identify a significant past incident in cybercrime or cyberwarfare related to it. The student will fully discuss the specifics of the cyber incident and analyze the motivation of the threat actors/attackers. Analyze the possible motivations of those who worked to defend assets against disruption, and describe motivations of any possible third-parties that may also have been involved. The student will also suggest methods for the organization to discourage hackers or intruders with similar motives and suggest management, policy or technology controls to protect the organization against similar attacks.  

Organizations, Attacks, and Perpetrators:

Home DepotTargetSonyOffice of Personnel ManagementSaudi Aramco Turbo Tax NASAOperation Aurora US Bureau of Justice StatisticsStuxnet and Flame (US Government?)Dupont ChemicalBoeing Johnson & Johnson

Pfizer 4ChanTricare MedicalOpi IsraelSonyNews of the WorldMotorolaOmega Engineering  Syrian Electronic Army Njrat The Jester Blue Army  Project Chanology The Estonian CyberwarShamoon (Iran?)

 Your paper should describe the type of incident and the actors: personalities, motivations, and other contributing cultural or psychological characteristics. You will find Module "Psychological Aspects of Cybersecurity" helpful with this assignment. Link your analysis to previous readings, interactive modules, and discussion topics, with appropriate citations.


At a minimum, the questions you must address are listed below:  a. What  descriptive labels might apply to this type of threat/incident? b. Regarding the threat actors:What sort of people would go after this information?Why would they want it?What will/can they do with it?How would they get it?How would potential attackers be identified? c. How would the organization try to discourage, or reduce the incentives that could attract possible threat actors? d. How would the organization protect against, or reduce damaging effects due to attempted attacks?   Length 5-7 pages, due at the end of Week 8.Prepare your paper in Word format. It should be double-spaced with one-inch margins all around. The citations and the reference list in the paper should be formatted in accordance with APA 6th edition guidelines. Papers must include: cover page, table of contents, introduction, section headings and subheadings, conclusions, APA compliant in-text citations and list of references, and page numbers. The page count begins with the introduction and ends with the conclusions.  The questions asked in the assignment should first be outlined (the outline is not included in the document), then the outline should be used to create the Table of Contents and the document sub-headings.  The Introduction should briefly preview each sub-heading in the document.

 Individual Assignment #3 Grading Rubic