
Security Architecture

MIS 5214 - Section 001 - David Lanter


MIS 5214.701 ■ Spring 2022 ■ Jose Gomez

In The News

January 13, 2022 by Jose Gomez 11 Comments

Contribute a link and a brief summary.

Filed Under: 02 - System Security Plan Tagged With:


Comments

  1. Kelly Sharadin says

    January 16, 2022 at 7:16 pm

    Pivoting on this week’s reading, which highlighted Cyberwar and Cyber Terrorism, this recent article from Dark Reading reports on the recent takedown of notorious ransomware group REvil by the Russian government. The takedown was a joint effort between the Russian Federal Security Service and the United States, which terminated REvil’s ransomware-as-a-service infrastructure. Some analysts believe the move was purely political on Russia’s end to leverage bargaining with the U.S. amid Ukraine tensions.

    https://www.darkreading.com/threat-intelligence/russia-takes-down-revil-ransomware-operation-arrests-key-members

  2. Dhaval Patel says

    January 16, 2022 at 9:23 pm

    Ukraine was hit by a rather large cyberattack that took down about 12 government websites. This attack impacted UK, US, and Swedish embassies in Ukraine. The Ukrainian ministry of foreign affairs and the education ministry websites were two of the mentioned sites taken down. Ukraine’s SBU security service stated that no personal data was leaked, which is rather pleasing news as a message by the attacker/attackers was displayed stating information about Ukrainians has become public.

    https://www.infosecurity-magazine.com/news/ukrainian-government-offline-cyber/

  3. Antonio Cozza says

    January 16, 2022 at 11:58 pm

    In addition to the previous post regarding the major cyberattack in Ukraine, there are new updates surrounding the matter. As the cyber attack that took down and defaced Ukrainian government websites was likely believed to be performed by Russia, Ukraine is now claiming that evidence suggests that it was carried out by Moscow, according to a statement by the Ministry of Digital Development today. Furthermore, Microsoft also has revealed that a number of the company’s systems in Ukrainian government agencies have been infected with “destructive malware disguised as ransomware.”

    https://www.aljazeera.com/news/2022/1/16/ukraine-claims-russia-behind-cyberattack-in-hybrid-war

  4. Vraj Patel says

    January 17, 2022 at 3:28 pm

    The Colonial Pipeline attack that happened in May 2021 was a result of a compromised password. The attackers were able to gain access to the network through a Virtual Private Network (VPN) account. That allowed the attackers remote access to the Colonial Pipeline network. The account that was used was not being used by anyone at the time of the attack. That account’s password was also discovered on the dark web. The VPN account that was used to access the Colonial Pipeline network was deactivated, and they also didn’t have multi-factor authentication set up for any of their VPN accounts. The attacker stole nearly 100 GB of Colonial Pipeline’s data. Colonial Pipeline paid a ransom of $4.4 million shortly after the hack.

    https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

  5. Patrick Jurgelewicz says

    January 17, 2022 at 8:36 pm

    Kronos, a human resource company responsible for helping companies manage payrolls and track employee time data, recently experienced a ransomware attack that affected multiple employers such as New York’s Metropolitan Transportation Authority, the city of Cleveland, the Oregon Department of Transportation and a number of universities, including the University of Utah and George Washington University. This attack targeted the Kronos Private Cloud and caused many employers to turn to issuing paper paychecks and manual records for a few weeks while the company worked with cybersecurity professionals and legal authorities to resolve the issue. Ransomware attacks continue to be a leading risk in today’s threat environment.

    https://www.securitysystemsnews.com/article/kronos-ransomware-attack-impacts-major-maine-employers

  6. Lauren Deinhardt says

    January 18, 2022 at 1:13 am

    https://blog.executivebiz.com/2021/12/zscalers-stephen-kovac-fedramp-should-be-codified-and-funded/

    Tying into this week’s concepts of federal information system security, I found this article to be especially relevant. Stephen Kovac, the Chief Compliance Officer of Zscaler, an American cloud-based security company specializing in secure internet accessibility, discussed the importance of codifying the Federal Risk and Authorization Management Program (FedRAMP). Kovac referred to FedRAMP as a “force multiplier” for securing federal IT networks and systems, but challenges with a lack of federal funding for the program would halt efforts. Especially given recent federal economic stresses, it is uncertain that the federal government would be willing to sign legislation and allocate funds for the initiative. Information security at the government level is still at the “reactive” mindset approach, versus the proactive mindset; not many legislators want to spend funding on issues that are not “true issues” yet. Thinking from a business standpoint, there are thousands of contractors working with government entities. By prioritizing FedRAMP mandates, not only government entities, but also private corporations dependent on vendors will be forced to improve information security management programs, and thus foster an environment where information security “best practices” become regular practices.

  7. Dan Xu says

    January 18, 2022 at 3:26 am

    Clinical Review Vendor Reports Data Breach. A cyberattack on the Institute for Medical Review in the United States (MRIoA) may have exposed the personal data of 134,571 individuals. The Medical Review Institute of America is based in Salt Lake City. Attackers breached their computer systems by exploiting alleged vulnerabilities in products made by SonicWall. The list of 31 MRIoA customers affected by the cyberattack is included in the breach report. “This has been resolved and the environment for MRIoA has been secured,” said a SonicWall spokesperson.

    https://www.infosecurity-magazine.com/news/clinical-review-vendor-data-breach/

  8. zijian ou says

    January 18, 2022 at 7:10 am

    “How Buy Now, Pay Later is being targeted by fraudsters”

    Consumers increasingly utilise Buy It Now (BNPL) payment options to make online purchases. PayPal reports that using its new BNPL payment option increased U.S. sales by nearly 400% for consumers and 141% for U.S. sales during 2020. As a result, BNPL is currently the fastest growing payment solution for e-commerce in recent years and now accounts for 2.6% of global e-commerce sales. So while companies offering BNPL are seeing an increase in purchases and revenue, the payment options are also attracting fraudsters who are always looking for loopholes in payment systems and often target new techniques to make a profit at the retailer’s expense.
    BNPL products currently have no regulatory system to perform credit checks on customers’ finances. As a result, fraudsters disguise themselves as real customers and set up fake accounts for the first purchase, pay a portion of it, and then close the account upon receipt of the goods.

    https://www.helpnetsecurity.com/2022/01/18/bnpl-fraudsters/?web_view=true

  9. Madalyn Stiverson says

    January 25, 2022 at 10:26 am

    As tensions rise in the Ukraine v Russia conflict, Russia warns that if the US gets involved, they will launch a comprehensive cyber attack that could range from simple denial of service to a severe attack on critical infrastructure. DHS says Russia’s capability for launching such an attack is high. Recently, we saw Russian-based hackers launch an attack on the Colonial Pipeline and meat supplier JBS causing significant delays. They were also responsible for the SolarWinds attack. In the past, they had launched attacks on the Ukraine power grid. Russia continues to target gaining access to critical US infrastructure.

    The US cyber defense is on high alert due to the current geopolitical landscape.

    https://abcnews.go.com/Politics/dhs-warns-russian-cyberattack-us-responds-ukraine-invasion/story?id=82441727

  10. Kelly Sharadin says

    January 25, 2022 at 6:18 pm

    Much of this week’s reading focused on risk management through planning and policy objectives, which includes meeting compliance. For information security, compliance and regulatory requirements often have a reporting component; for example, GDPR has a 72-hour reporting requirement. In this article from Dark Reading, starting April 2022 US banks will now be required to notify federal regulators within 36 hours of discovering any cybersecurity incident, defined as anything impacting the CIA triad. Banks must notify an FDIC-designated officer; however, a full root cause analysis is not necessary within the 36 hours and can be provided at a later point.

    https://www.darkreading.com/risk/u-s-banks-will-be-required-to-report-cyberattacks-within-36-hours

  11. kofi bonsu says

    January 25, 2022 at 10:41 pm

    The article talks about how planning for information security includes preparation to provide information security policies that will be the guidance for the whole information security program. Hence, to create the policy, management should first plan to determine a risk analysis on the information assets that ought to be protected. The risk analysis will establish the assets, determine risks to them, and assign a value to their potential loss. Doing this, management can make decisions on the policies that best protect those assets by minimizing or mitigating the risks. The final aspect of information security management is education and training of all employees to keep abreast of up-to-date security issues within an organization. In that regard, management is primarily responsible for supporting the policy not only with its backing, but also by including policies and the backing for educating users on those policies. With security awareness training, users should know and understand their roles under the policies properly within the organization regarding the day-to-day running of an organization.
    https://www.pearsonitcertification.com/articles/article.aspx?p=30287&seqNum=3

Fox School of Business
