Waiting for answer This question has not been answered yet. You can hire a professional tutor to get the answer.

QUESTION

Your discussion posting assignment for this week is to examine how adversaries can exploit trusted vendor-to-consumer relationships and describe how they violate the CIA triad by providing an example

Your discussion posting assignment for this week is to examine how adversaries can exploit trusted vendor-to-consumer relationships and describe how they violate the CIA triad by providing an example of this happening (who, what, where, why, when, etc.). For instance, the NotPetya attack compromised an Ukranian tax accounting software called M.E. Doc then used it to spread malware onto every company that used this software. In another example, Target was hacked through a trusted contractor's system who was responsible for managing its HVAC system. If possible, provide examples where your APT actors has abused a trusted relationship to gain access to systems or stolen information from the  managed security service providers (MSSPs)  (sometimes just MSP) to enhance its evasion techniques. Alternative, a software supply chain attack would also count as a "trusted relationship". Note: a data breach does not count as a trusted relationship and will result in a score of 0 for the posting if you elect to use this as an example.For the purpose of this discussion, I'll bound the scope to software solutions (antivirus, finance/hr/account software, etc.),  MSSPs, or other 3rd party relationships between organizations. Any article/example re-use will be penalized at a rate of 10% of the grade per use i.e. 3 other students used the same example before you, which means the maximum grade you can receive on the posting is a 70%.  Also, please provide citations as applicable.

Write a response of 150 words to this discussion board

There are always risk when it comes to flying, but you also must wonder if your payment information would ever be stolen while booking a flight. That's exactly what happened with British Airways, Ticketmaster as some of you may know is an online ticketing company that allows you to book flights either online or through the app. In 2018 between August 21st and September 5th anyone who made a purchase through Ticketmaster were affected by this attack. Magecart was the threat actor, they used a customized JavaScript/digital card skimmer that were loaded from a compromised web server (Securonix Threat Research). The way this is done is by replacing the original JavaScript code with their own malicious JavaScript code. These guys have attack numerous websites such as Newegg, and Cancer Research UK. So, they are a clever bunch. Ticketmaster failed to keep their customers information safe which is a breach of confidentiality. Online ticketing services have to careful because there are always vulnerabilities, and threat actors waiting to steal important information.

Response/comment:

Show more
LEARN MORE EFFECTIVELY AND GET BETTER GRADES!
Ask a Question