Chapter 7, “Discretion”; Chapter 8, “Collection”
In this scenario, hackers launch cyber attacks that affect several parts of the nation’s financial infrastructure over the course of several weeks. Specifically, sensitive credit card processing facilities are hacked and numbers are released to the Internet, causing 120 million cards to be cancelled; automated teller machines (ATMs) fail nearly simultaneously across the nation; major companies report payroll checks are not being received by workers; and several large pension and mutual fund companies have computer malfunctions so severe that they are unable to operate for more than a week. Identify the countermeasures that need to be implemented to prevent these cyber attacks from occurring in the future.
1) Create a new thread. As indicated above, discuss what type(s) of countermeasures need to be implemented to prevent the cyber attack described above from occurring in the future. Be specific in recommending countermeasures for this scenario.
Evaluate collection methods necessary for computing components (e.g., network infrastructure, servers, and workstations) for evaluation and storage in a SIEM.