Answers each part in different page
Use in-text reference where appropriate and follow Harvard style. Include the bibliography at the end
- The modern cyber-attack strategy has evolved from a direct attack against a high-value server or asset to a patient, multi-step process that blends exploits, malware, stealth, and evasion in a coordinated network attack. Discuss the different malicious threat actor groups in the cybersecurity landscape and their rationale of the attacks with short examples.[10 marks]
- Tina owns a small online shopping business with 3 employees in Canberra. She knows hacking is a general term for a variety of activities that seek to compromise computers and networks. She would like to keep her business safe from hackers. What are the steps she should take to run her business safe from the hackers? Would hacking constitute a criminal offence in Canberra? If so, please provide details of the offence, the maximum penalties available the jurisdiction?[10 marks]
- Bruce consulting company has 15 employees working for external clients. Due to the COVID -19 pandemic, the management allowed the staff members to work from their home. They can take the work laptops to home or use their own devices instead. The staff members are required to use computer/laptop/mobile, smart board, Smart TV, and Multi-Functional Devices (e.g. printer, scanner). Often the management team organizes the staff meeting using zoom or similar meeting tool e.g. MS Teams. The daily activities of the staff require them to use the computing devices for accessing and storing their files securely in their folders (individual works) and a shared folder (files required for all), as well as all the regular digital activities e.g. reading, writing and sending emails, prepare reports using Office software and several other software applications, (for some, make financial transactions for the clients).
You are required to identify and analyse the cyber security risks for the Bruce consulting company (which involves allowing people working from home) and assess the likelihood and potential consequence of each identified risks, determine the level of risk rating and prepare a risk matrix.