Cyber Operations Challenge
You work as a support contractor for a government agency as a cyber defense incident responder. As part of a large support team, you help to identify, analyze, and mitigate threats to the systems and networks of this government agency. Your company is up for a contract renewal this year.
During a log analysis review of the intrusion detection logs, you notice a trend where requests from an unknown IP address were attempting to access several databases across the network. In each case, access was denied for the first two weeks of the monitoring period, but over the last week, the user was successful in accessing the system and apparently downloaded several hundred thousand HR records that included personally identifying information (PII) from thousands of agency personnel and subcontractors.
You immediately notify your boss, Joe Dallas, who is also a support contractor working for the same company as you. You provide him with the documentation and ask for next steps. Joe seems upset with you for not reporting this incident sooner. You mention to him that you were off on vacation for the last two weeks and the logs weren’t monitored during that time.
As Joe looks closer at the incident, he determines that somehow root access was made available to the unauthorized user, making the situation much more concerning as the user may still have access to all of the systems throughout the network. Joe says he will review the situation with upper management and take appropriate action.
About a week later, you ask what the next steps are and how you can help resolve the matter. Joe says, “Don’t worry about it. It’s been taken care of.” As you review the logs, however, the problem still seems to be present with unauthorized access and data leakage of sensitive documents. In the meantime, you receive an email from the government customer asking you for a report on the status of the system security. From the message, it does not appear the customer has any idea that a security breach has occurred. What should you do? Please provide a rationale for your answer.
The final paper should be no more than five double-spaced pages, excluding the cover page and references page(s). Organize the paper in accordance with your preparatory steps, using these subheadings:
Title of Paper (centered and bold). There is no heading named “Introduction.”
Tackle all the viewpoints
Explanation of the Issue (centered and bold)
What exactly is the issue that is being addressed here?
Analysis of the Information (centered and bold)
What information do you have, and what don’t you have? How did this happen? What is the problem that resulted from these circumstances, and why might there be different interpretations of the facts? What does the legal department do to get out of this situation? Look at all the facts: what is available and what is not. Once you analyze the situation, the key thing is the consideration of many viewpoints. The perspective could be based on the ethical issue, the moral issue, or the reputation issue. By choosing a perspective, try to outline the consequences that will arise from it. Based on your perspective, what decision will you make, what will be the consequences, and what are the recommendations?
Consideration of Alternative Viewpoints, Conclusions, and Solutions (centered and bold)
Once you have analyzed the situation, the key thing is the consideration of many viewpoints. The perspective could be based on the ethical issue, the moral issue, or the reputation issue. By choosing a perspective, try to outline the consequences that will arise from it. Based on your perspective, what decision will you make, what will be the consequences, and what are the recommendations?
What assumptions will you make? What are your recommendations going forward? What are the implications ethically, morally, business-wise, and legally? Do some research to back up your statements or ideas.
Conclusions and Recommendations (centered and bold)
It should be well reasoned.
If you have used any outside sources, you will include a References page in proper APA 7 format.