Potential Targets Responses

Provide (3) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1, 2 and 3 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.

RESPONSE 1:

I would imagine myself as a state-sponsored actor planning an attack on a fictional country. The target I would select would be the supervisory control and data acquisition (SCADA) systems on national resource companies. I would use weak security on the SCADA systems to infiltrate different industrial systems that control physical switches. I would mimic the attack that happened last week that attacked the Colonial Pipeline gas pipeline going up the east coast (Greenberg, 2021). The difference would be I wouldn’t have put ransomware on the system since I am a state-sponsored actor; I would try to input false information into the PLCs within the network. One example would be to input false information into a pump pushing the gas stating that the pressure of the gas coming out was less than what it should be experiencing. This would cause the pumps to work harder trying to hit the pressure they should be at. Eventually, the pumps would overheat and fail, causing the shut down of the pipelines. This type of attack could potentially cause a disruption of natural resources that the county I am a part of could then sell its own natural resources at a higher cost to gouge the country experiencing the shortage in a specific region that is being affected by the hacking. I would choose a country with relaxed guidelines on infrastructure systems hardening. The hope would be the SCADA systems would be located on an unsecured network that would be easily accessed by spoofing an internal IP address to gain access to local resources. It would be better to ensure deniability since the attack isn’t meant to physically harm anyone but to extort the nation of financial means.

-ANDREW

References:

Greenberg, A. (2021, May 8). The Colonial Pipeline Hack is a New Extreme for Ransomware. Wired.

RESPONSE 2:

This week i am going to be taking the role of a terrorist organization that is attacking a country to cause the most up roar possible. Since i a a terrorist in this situation the biggest concern for me is to cause the biggest and most server attack I can to this country. Well what is something that most people use on a daily bases and many need to live a functional life in todays world? That would be electricity and attacking the power grid can cause a extremely terrorizing event that leads to many deaths an mass panic across the targeted country. It would take a team of highly skilled hackers and lots of funding to pull off such an attack if it is even possible. Also recruiting of an insider would be the best option to insure the attack is success full. Choosing a insider someone who is in finical debt or can be black mailed would be the best to persuade to be the insider threat. The goal would be to overload and shut down multiple power stations that causes an over load on the entire power grid causing it to crash the entire country’s power shutting it off. If an entire country’s power was shut off the chaos that would follow would be detrimental to the country. There would be many deaths and panic would spread leading to rioting and looting across the country. Essential supplies would be bought up and even stolen as well as an overload for emergency services. The biggest thing that would effect this plan is the amount of security in place to protect the power grid of the country. Since this is such a vital utility it is heavily protected from this exact thing.

-JACKSON

SANS (2001) Can Hackers Turn Your Lights Off?  The Vulnerability of the US Power Grid to Electronic Attack from the SANS Institute website:   

RESPONSE 3

As a terrorist, I would select military information as a cyber target. To attack the military systems, I would hack into the servers containing important information communicated by the military personnel regarding the country’s security. The technology available for military personnel is very advanced and gives access only to senior security officers responsible for the country’s security. The systems are well automated to detect any potential security threats that might not be authorized to access the information (Jarvis et al., 2017). To have a positive outcome, I would devise a better plan that contains advanced measures than the one available for the military at the moment. I would also use critical servers currently available to hide any form of identity that might expose my identity before completing the task. Better technologies are available that have not been adopted in significant security software, making the military more vulnerable to terrorist threats. The high levels of corruption in major military bases would also be effective in accomplishing my task and finally making a breakthrough in hacking the systems and gaining critical information that the highest-ranking officers should also know. It would be better to ensure the deniability of my attack to avoid future consequences. This would make it hard for the responsible authorities to take any action against my deeds.

QUESTION:  I think your plan would be very successful because even if the cyber attack was not as effective as you hoped for.  The fact that it created confusion, fear, and misunderstanding among the local populace maybe enough.   Would attempt to do this again?  Or look for another target?