
1 - Unit 5 - Assignment 1 Frontsheet

This document discusses security threats faced by organizations and solutions to address them. It begins by defining security threats and identifying common threat types like insider threats, malware, ransomware, and botnets. As an example, it summarizes a recent Rockstar games data breach in 2022 where a hacker leaked users' personal information. Consequences of such breaches include lawsuits, lost business, and costs of millions of dollars for affected companies. The document concludes by recommending solutions for organizations like educating employees on security roles, controlling data access, and establishing an incident response team.

ASSIGNMENT 1 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 5: Security

Submission date Date Received 1st submission

Re-submission Date Date Received 2nd submission

Student Name Student ID

Class Assessor name

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature

Grading grid

P1 P2 P3 P4 M1 M2 D1
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:


Lecturer Signature:
I. Introduction
I am an intern IT security specialist for a leading security consulting company in Vietnam called
FPT Information Security (FIS). The company operates at a medium scale in Vietnam, consulting on and
implementing technical solutions for potential IT security risks. Most customers have outsourced
their security concerns because they lack the technical expertise. As part of my role, my
manager Jonson asked me to do a presentation to help train junior staff in the tools and techniques
involved in identifying and assessing security risks, along with your organization's policies to protect
your data and devices.

II. Identify types of security threat to organizations. Give an example of a recently publicized security breach and discuss its consequences (P1)
1. Definition of a threat
Cyber threats are sometimes inaccurately identified as flaws. When looking at the
definitions, "potential" should be the key word. A threat is not a security flaw that exists in a
specific implementation or organization. Rather, it is something that could violate security. A flaw,
by contrast, is a genuine shortcoming that could be exploited. Whatever the countermeasures, the
threat still exists in general. Nevertheless, countermeasures can be taken to reduce the chance that
it will be realized.
2. Identify threat agents to organizations

A security threat is a malicious act that aims to disrupt an organization's systems, steal
information, or harm the entire organization. An event that could have exposed company information
or its organization is referred to as a security event. A security incident is an event that
leads to a data or organizational breach.

An IT project needs to keep an eye out for evolving and more sophisticated online security
risks in order to protect its data and organization. To do that, it must first understand the
different security risks it faces.

3. List the types of threats that organizations will face

3.1. Insider threat
Insider threats happen when people with ties to an organization purposefully abuse their access to
its internal network to harm the organization's crucial data. Malicious insiders try to get around
cybersecurity protocols to delete data, steal data for later sale or exploitation, interfere with business
operations, or cause harm.
3.2. Malware
Malicious software (malware) such as viruses and worms aims to corrupt a company's systems and
data.

- Viruses: A virus is a piece of malicious software with the ability to replicate by inserting itself
into a host program or file. It does not function until someone activates it, after which it
spreads without the system's or user's consent.

- Worms: A worm is a self-replicating computer program that spreads without requiring user
interaction or a host program. A worm that enters the system replicates immediately, infecting
networks and computers that aren't protected.
3.3. Ransomware
In a ransomware attack, the victim's PC is typically encrypted and locked, preventing the victim
from using the device or the information stored on it. The victim must make a payment to the
attacker, typically in a form of virtual currency like Bitcoin, in order to regain access to the device
or information. Ransomware can spread through malicious email attachments, infected software
programs, infected external storage devices, and compromised websites.

3.4. Botnet
A botnet is a collection of Internet-connected devices, such as PCs, smartphones, servers, and
Internet of Things (IoT) devices, that have been infected and are remotely controlled by a common
form of malware. Typically, botnet malware searches the internet for vulnerable devices. The goal
of the threat actor creating a botnet is to infect as many connected devices as possible, using
the computing power and resources of those devices for automated tasks that typically remain hidden
from the users of the devices. These botnets are controlled by threat actors, usually cybercriminals,
who use them to send spam emails, participate in click fraud campaigns, and generate harmful traffic
for distributed denial-of-service attacks.
4. What are recent security breaches? List and give an example with dates
- Rockstar Games data leak: In September 2022, a hacker with the nickname Lapsus$ breached
Rockstar Games' database server and obtained information about their ongoing projects
and the personal information of users registered on Rockstar's social network, which
troubled them for a very long time. Luckily, the attacker was arrested and revealed to be
only a 16-year-old boy; however, he had already published the data on the Internet before he was
arrested.
- Socialarks: In August 2021, Bob Diachenko, a Comparitech cybersecurity expert, accidentally
discovered his own information online after finding an unsecured data set that contained the
personal information of millions of visitors to Thailand. The unprotected Elasticsearch data set,
which was ten years old, contained the personal information of over 106 million travelers from
around the world, including their date of birth, full name, sex, passport number, residency status,
type of visa, and arrival card number.
Diachenko alerted Thai specialists to the incident, and they received the information
the following day.
- Android Users Data Leak: Security researchers discovered the personal information of more
than 100 million Android users exposed in May 2021 as a result of several cloud service
misconfigurations. The data sat in unprotected real-time databases used by 23 applications with
downloads ranging from 10,000 to 10,000,000, including resources for interior designers. Researchers
from Check Point discovered that anyone could access sensitive and private information,
including names, email addresses, dates of birth, chat messages, locations, orientations,
passwords, photos, installation information, phone numbers, and pop-up messages.

5. Discuss the consequences of the breach


A data breach can have as many different effects as there are types of breaches. It might only involve
one worker learning the salaries of his coworkers and threatening to file a lawsuit to demand a raise.
Alternately, it could be as serious as computer hackers or cybercriminals accessing the files on your
system and encrypting them before requesting a ransom.

If you've been staying updated on the news lately, you may have noticed that a number of data
breaches have been making headlines. These breaches frequently involve getting access to customer
data, including addresses, names, social security numbers, and even credit card numbers. Due to
lawsuits and lost business, these breaches could cost the affected companies millions of dollars.

Detecting, defining, and recovering from a breach can be a lengthy and time-consuming process for
an organization. Although the consequences of this type of leak can be devastating for larger
corporations, they can spell the end of a small business. The best strategy is to be ready if it happens
and to prevent it from happening in the first place.

6. Some solutions for organizations


- Inform everyone about their role: It is critical that everyone knows what to do if they detect a
security threat. As an added benefit, workers will be able to understand the harm that a mistake
can cause, reducing the risk of information breaches caused by human error. It is also critical
that employees understand how to report a security concern and who is responsible for taking
additional steps in response to a breach. This will assist the company in identifying and
addressing any gaps in the program so that when a breach occurs, you can take control of it.
- Control data access wisely: Once you've determined that you have a legitimate business need
to keep sensitive data, take reasonable steps to keep it secure. Not every member of your team
requires unrestricted access to your network and the data stored on it. Consider separate user
accounts for your network to limit access to places where personal data is stored or to control
who can use specific databases. Access control for paper files, external drives, disks, and so on
could be as simple as a locked file cabinet. Administrative access, which allows a user to make
system-wide changes to your system, should be restricted to employees who are assigned to that
task.
- Teamwork: One of your top priorities should be to put together a well-oiled computer incident
response team (CIRT), with each member responsible for specific roles and responsibilities such
as threat monitoring, vulnerability assessment, and incident handling. A resource-constrained
organization may lack the skill sets to handle all of these specialty tasks on its own in many
cases, so partnering with an IR firm can be beneficial. Furthermore, especially after an incident,
your CIRT must collaborate with other business groups such as public relations, legal, human
resources, and the executive team.
- Have a data breach response plan: While preventing a data breach is always the primary goal,
your company must also have a plan in place for dealing with a breach. In some cases, the ability
to detect a breach quickly can save millions of dollars. Consult with a cyber security expert to
determine how to detect, contain, and recover from a data breach.
III.
