Prompt Use Information Provided Scenario Analyze Cyber Security Occurrence Determine Tenet Q43860757
Prompt: Use the information provided in thescenario to analyze the cyber security occurrence and determinewhich tenet(s) were violated. The required resources for thismodule detail a scenario at RSA that is similar to the one you willanalyze for this assignment.
Review each module resource and analyze the security breach thatoccurred with RSA. Note similarities between this example and theprovided scenario for this assignment.
Scenario: In late May of 2011, Lockheed‐Martinwas targeted by a cyber attack. Lockheed‐Martin claimed that theydiscovered the attack early and reacted quickly, with the resultthat no real harm was done.
The basis for this breach was with two‐factor authentication, wherea “factor” in authentication can be something you know, somethingyour are, or something you have. A two‐factor authentication systemrequires you to present instances of two of these three toauthenticate with a system. Lockheed‐Martin employed a two‐factorauthentication system that combined a password (something you know)with SecurID, a system produced by RSA labs that provides the“something you have” factor.
A SecurID is a small key fob that displays a number, which changesevery 60 seconds. Each key fob has a unique number called its seed,which determines what number is shown in the fob at any given pointin time. The server stores your username, password hash, and theseed value for your key fob, and this allows it to determine whatnumber is showing on your key fob (as the fob is synched with youraccount). When you authenticate, you enter your username andregular password, then you look at the key fob and enter in thenumber shown there. The authentication server knows what numbershould be shown at that time on the key fob, and so can verify thatthe key fob is indeed a thing you have. This is called a one‐timepassword (OTP) system.
In March of 2011, someone attacked RSA with a relativelyunsophisticated phishing attack with an attached Excel file withembedded code that exploited a zero‐ day vulnerability in AdobeFlash.
This enabled attackers to set up a “backdoor”—a way for them to getinto the computer—where the attackers were able to steal from RSAthe seed values of SecurID key fobs.
In late May of 2011, the attack moved to Lockheed‐Martin, whereattackers managed to get a key logger onto a company system. Thekey logger recorded the username, password, and SecurID OTPs usedby the victim when he or she authenticated, along with the date andtime of the log in.
Two‐factor authentication is designed for just this kind ofscenario. The attacker cannot authenticate because knowing theusername, password, and an old OTP is not enough; the current OTPis required. However, these attackers stole seed values. For agiven seed value and date/time, they could calculate the number thekey fob with that seed value would display at that date and time.All the attackers had to do was to write a program that wouldcompute, for every stolen seed value, the number that would havebeen showing at the date and time the key logger recorded thevictim’s login. Once they found a match with the OTP the key loggerrecorded, they would have matched a seed value with a username.This appeared as if the attackers actually had the key fobsthemselves.
Expert Answer
Answer to Prompt: Use the information provided in the scenario to analyze the cyber security occurrence and determine which tenet(…
OR