Pages: 4 pages/≈1100 words
Sources: Check Instructions
Style: APA
Subject: IT & Computer Science
Type: Case Study
Language: English (U.S.)
Document: MS Word
Topic: Incident Response on Virus Attack

Case Study Instructions:

Review the case study, Tale of a Virus Attack, and identify what the CIO did well to respond to the incident and what she should have done during recovery operations. Note there are several pages to this case study (use this URL: http://www.cio.com.au/article/44059/virus_outbreak_-_true_story/). The slides should assist you in identifying the appropriate steps for responding to a cyber incident.

Additionally, do you think the CIO should have been fired? Provide a justification for your decision.

Upon completion of this chapter you should be able to:

–Understand the steps involved in incident reaction and incident recovery.

–Define the disaster recovery plan and its parts.
–Define the business continuity plan and its parts.
–Grasp the reasons for and against involving law enforcement officials in incident responses and when it is required.
–Understand procedures and forensic tools available to recover data.
•The term “Computer Forensics” was coined back in 1991

•Computer forensics deals with the application of law to science – the science is computer science

•Computer forensics has been described as the autopsy of a computer hard disk drive

•Deals with the preservation, identification, extraction and documentation of computer evidence

•Incident response planning covers the identification of, classification of, and response to an incident

•An incident is an attack against an information asset that poses a clear threat to the confidentiality, integrity, or availability of information resources

•Attacks are only classified as incidents if they have the following characteristics:

–Are directed against information assets

–Have a realistic chance of success

–Could threaten the confidentiality, integrity, or availability of information resources

•IR is more reactive than proactive, with the exception of the planning that must occur to prepare the IR teams to be ready to react to an incident
Case Study Sample Content Preview:

Incident Response
Student’s Name
Institutional Affiliation

Incident Response
In the digital era, no computer security expert or chief information officer (CIO) can guarantee that a particular system is 100% secure. In 2001, Jane Smith, the CIO of a New York-based global retailer, encountered a devastating attack that halted the organization’s operations for days. Virus attacks are inevitable, and every firm should be ready to handle such incidents when they occur. Indeed, panicking can only cause more damage to a company, which is why the CIO and security experts should focus on how to eliminate the malware or virus attacks. Based on McAfee’s Anti-Virus Emergency Response Team (AVERT) report, every month, between three and seven businesses call the McAfee Company to report new viruses, which sometimes take down thousands of computers. Computer Economics, a United States of America (USA) based firm, said that in 2000, computer viruses caused approximately $17.1 billion in damages worldwide (Scalet, 2001). As such, no firm is completely safe from malicious attacks, even if it has the best security experts. Besides, computer networks have loopholes or security vulnerabilities, which hackers use to penetrate the system. Smith responded well to the virus attack that halted the daily operations of the company, since she followed the right incident identification and recovery procedure, which is why the firm should not have fired her but should probably have increased her salary.
The virus attack was first identified on January 9, 2001, when 20 employees were working on a particular spreadsheet at a satellite office and noted that it was misbehaving (Scalet, 2001). When Smith reported to work, she affirmed that the symptoms resembled those of a typical macro virus. As such, the CIO was on point from the beginning. Once she noted that the spreadsheet was misbehaving, she instructed all infected users to sign out from the network. At this point, it is clear that Smith did not take the firm’s security for granted, particularly where it involved the company’s computer network. The only thing she forgot to do was tell the security experts to update the virus definition files. The National Institute of Standards and Technology (NIST) states that isolating pertinent systems from external influences is crucial to prevent further damage to the system, which is what Smith did (Kent, Chevalier, Grance, & Dang, 2006). The failure to update the firm’s antivirus enabled the Demiurg virus to spread from dozens to hundreds of computers. Since the information technology (IT) staff knew nothing about the virus during the incubation period, their action of rebooting machines enabled the virus to replicate further, such that it began to generate error messages on many computers. Another significant thing the CIO did was turn off her computer when she found out that its hard drive was infected with the virus.
In class ten, in the subsection on incident containment strategies, it is clear that before containing any attack, one must identify the affected information systems. For an organization to stop the incident from spreading, it can disable the affected cir...