P2 - Solar Sunrise - Document that was mandatory to get a good grade in the course PDF

Preview

Summary

Document that was mandatory to get a good grade in the course...

Description

Participation 2 Solar Sunrise Case Study Group members:    

Alessandro Cuadros Nicholas Nerys Prasiddha Shah Jackey Zhen 1. How were the attacks detected? Defense Department security systems reported multiple attempted break-ins to computers at Andrews Air Force Base. 2. What was the standard method of attack? Computers with the operating system Solaris 2.4 (or 2.6) installed were the main targets, exploiting a common vulnerability among UNIX systems that gave hackers easy root privileges. A cyberwar type of attack with the intention of disrupting military operations. 3. What did the DoD do to protect their computers once the attack was discovered? They started surveillance on the hackers. They acquired legal authority to intercept Internet traffic of the hackers and reconstructed their online sessions. 4. What lead allowed authorities to track down the culprit(s)? Following the trail of files stolen from the military site. File stolen from airbase were transferred to sonic.net. System managers at sonic.net receive complaint hacking assaults on Harvard and MIT launched through their site. And have already identified the hackers. During hacker’s chat session authorities followed electronic trail of the hacker in Israel. 5. Who was deemed ultimately responsible? Analyzer, also known as Ehud Tenenbaum, from Israel was deemed ultimately responsible for the attacks. Although there were two sixteen-year olds from California named Mak and Stimpy who were involved, Analyzer was the main culprit.

6. What happened to the culprit(s)? Mak and Stimpy were arrested, fined, and were given 3 years’ probation since they were underage. Analyzer was arrested through the Israeli law enforcement and charged with hacking the computer systems of the Pentagon and NASA. He was sentenced to a year and a half in prison. 7. According to the CSI, what is the cost of internet hacks? According to the CSI, the cost of internet hacks run from $100 million to $300 billion. Considering that the video is a case from the 1990s, it is clear that the costs of computer hacks are closer to $300 billion instead. 8. What recommendations are made to prevent future attacks? Recommendations to prevent future attacks include corporate America contacting law enforcement, turning on audit trails, capturing keystrokes and respond in a responsible way. Using the APT wheel (overleaf) and based only on the information provided by the video, to what extent could this type of attack be called an APT? Submit your answers on blackboard, and be sure to include the name of all group members. On the ATP wheel, I believe this hack can be classified as “Outbound connection initiated.” We do not think Analyzer, Mak, nor Skimpy obtained anything from the hack....