E-Commerce

For the third case study, we will focus on the impacts that DDoS attacks have on the Availability of Internet-facing e-commerce, gaming/entertainment, social media/blogging web sites. You will research one of the following “Distributed Denial of Service or DDoS” significant cyber events that have occurred within the last ten years.
1) Iran Tied to DDoS Attacks Against U.S. Links to an external site. Banks Links to an external site.
2) Paras Jha (21-year-old from New Jersey), Josiah White (20-year-old Washington), and Dalton Norman (21-year-old from Louisiana) – who plead guilty to creating and distributing the Mirai Botnet. Several attacks peaked at more than 600 gigabits per second, and the attack against infrastructure provider Dyn in October 2016 exceeded one terabit per second: Justice Department Announces Charges and Guilty Pleas in Three Computer Crime Cases Involving Significant DDoS AttacksLinks to an external site.
3) DDoS attack against GitHub in 2018 exceeded 1.35 terabits per second. Links to an external site.
4) NETSCOUT Arbor Confirms 1.7 Tbps DDOS Attack – me cached reflection/amplification attackLinks to an external site..
This assignment will be broken down into several parts to maximize learning. The first part is to understand the “Victim” that was impacted by the DDoS Attack.
Write a minimum 900-word (not counting the title page) case study report document in the format mandated in the UCOL Style Guide (see the link to the guide document in the lower part of the course home page) with these four sections:
• Describe the background, history, organizational and leadership culture and risk appetite of the victim that was targeted. Did the Organizational Leadership communicate and demonstrate their cyber risk tolerance, appetite and influence the culture of the organization? Did the victim do anything to “provoke” the attack?
• Identify the victim’s security policies, procedures, technical security measures and relationship with their Internet Service/Hosting Service Providers that were in place to prevent or immediately respond to the DDoS threat from impacting them.
• Identify the motivation(s) of the Threat Agent. How was the Threat Agent identified?
• Using the publicly known cyber vulnerability reporting systems and the MITRE ATT&CK framework, map out the DDoS attack Tactics, Techniques, and Procedures (TTPs) used by the Threat Agent. Insert a table if you wish to identity and explain the relevant TTPs for your case study. Reflect on why and how the Threat Agent was effective in attacking the Internet-facing e-commerce, gaming/entertainment, social media/blogging web sites.
• Describe the response to the DDoS Attack – what was done to identify, assess, respond, and mitigate the attack? What information was used to make this decision? What role did the ISP/hosting service provider have in responding to and mitigating the attack? What were the lessons learned in responding to this attack? Where there any consequences to the Threat Actor or other considerations?
Case Study Annex: – Your paper should include two annexes that come after your conclusion to make the paper clearer. Unlike an Appendix which comes at the very end of your paper and should be referenced in the body of your paper, an Annex simply enhances the readers understanding of the paper’s content. Please use a separate page for each annex.
• For the first of these, you will need to build a Cyber Risk Register for a DDoS Attack against the Internet-facing e-commerce, gaming/entertainment, social media/blogging websites. Include three different possible scenarios/events that could occur. See example of a basic risk register (table 2-5) on page 57 of the CRISC book.
• For the second annex, create a DDoS Cyber Threat Incident Response Plan Annex. (This will be a list of bullet point tasks). Identify specific “DDoS” policies, procedures, technical security controls, executive management roles and responsibilities, decisions, checklists, communications plans (internal, external), legal considerations, external support, ISP/Web Hosting services engagement requirements, business continuity, and disaster response considerations.