Reference no: EM133263130
For each case answer the following questions. We should be addressing the given case, so your answers have to be specific.
Question 1 : Reason for this Successful Attack? What was the Vulnerability (Flaw or weakness that allows a threat agent to bypass security)?
Question 2: Attack Surfaces type?
Question 3 : Who Are the Threat Actors?
Question 4 : What can be done to Defend Against this Particular Attack ( So, it will not happen again) ?
Case 1: One of the local university's Student records databases was hacked. Apparently, a graduate student in the computer engineering department decided to show his skills to his friends to impress them. The student successfully enters the system by calling the help desk and pretending to be the new director of the student records department. During the phone call " I could not remember the password and do not want to call my supervisor. Would please do me a favor and remind me of my password?" . The IT Help desk person believed him and gave the password without following the University Security policy.
Then the student simply log in the database and updated the final grade exam of one of his friends.
Case 2: Hospital Patient Database: A hospital patient's allergy information (a doctor should be able to trust that the info is correct and current) was altered without authorization . A nurse before leaving hospital deliberately falsifies the patient's allergy data in the database to inflict damage to Hospital reputation. That was happened in the last day of her employment at Hospital. Some doctors gave wrong medication to the patients who latter suffered from complication of allergy and the medications. This wide spread incident was on the local news as well. The nurse was hired by new (Competitor local hospital) in the following week.