A 3-page written report.
The project is entitled “Attack, Vulnerability, Mitigation” or “AVM” for short.
I would like you to go to industry websites or publications, identify a recent attack, and analyze it. I suggest looking at websites similar to those listed below:
- FireEye (Specifically Mandiant)
- Kaspersky Labs
- McAfee/Intel Security
- Dark Reading
I would like to know information like:
- What is the name of the attack?
- Is it part of a targeted campaign or a much broader “spray and pray” operation?
- What type of organization(s) are being targeted?
- How does the attack happen? What does the malware do? (e.g., a phishing campaign followed by download and replication of malware via a worm?) Specifically, what are the names and attributes of the malware?
- What are the vulnerabilities the attack exploits? (Buffer overflow? SQL Injection? etc.)
- What are some of the mitigation strategies?
- Using the NIST 800-53 Control Catalogue, please give me at least six controls that would have helped mitigate the attack and a description of why.
Please be prepared to give a five- to seven-minute presentation to the class on your attack and findings. Additionally, please prepare a three- to four-page written summary of the attack and accompanying analysis.