1.1.6 Lab – Cybersecurity Case Studies (Instructor Version)
Instructor Note: Red font color or gray highlights indicate text that appears in the instructor copy only.
Research and analyze cyber security incidents.
- Part 1: Conduct search of high profile cyberattacks.
- Part 2: Write an analysis of a cyberattack.
Background / Scenario
Governments, businesses, and individual users are increasingly the targets of cyberattacks and experts predict that these attacks are likely to increase in the future. Cybersecurity education is a top international priority as high-profile cyber-security related incidents raise the fear that attacks could threaten the global economy. The Center for Strategic and International Studies estimates that the cost of cybercrime to the global economy is more than $600 billion annually. In this lab, you will study four high profile cyberattacks and be prepared to discuss the who, what, why and how of each attack.
- PC or mobile device with internet access
Part 1: Conduct search of high profile cyberattacks.
a. Using your favorite search engine conduct a search for each of the cyberattacks listed below. Your search will likely turn up multiple results ranging from news articles to technical articles.
- The Stuxnet Virus
- Marriott data breach
- United Nations data breach
- Microsoft customer support database breach
- Lifelabs data breach
Note: You can use the web browser in virtual machine installed in a previous lab to research the hack. By using the virtual machine, you may prevent malware from being installed on your computer.
b. Read the articles found from your search in Step 1a and be prepared to discuss and share your research on the who, what, when, where, and why of each attack.
Part 2: Write an analysis of a cyberattack.
Select one of the high-profile cyberattacks from Step 1a and write an analysis of the attack that includes answers to the questions below.
a. Who were the victims of the attacks?
b. What technologies and tools were used in the attack?
c. When did the attack happen within the network?
d. What systems were targeted?
e. What was the motivation of the attackers in this case? What did they hope to achieve?
f. What was the outcome of the attack? (stolen data, ransom, system damage, etc.)