Task 1 question

CYBERWARFARE

Competency 4028.1.1: Evolution of Cyberwarfare - The graduate outlines the changes to warfare with the evolution of cyber-related capabilities and technologies.

Competency 4028.1.2: Cyberwarfare Supporting Disciplines - The graduate analyzes the impact of cyberwarfare’s supporting disciplines’ interaction with overall combat operations.

Competency 4028.1.4: Cyberwarfare Actors and Threats - The graduate formulates appropriate strategies for dealing with current cyberwarfare actors and threats from a U.S.-centric viewpoint.

Task 1: Cyberwarfare History

Introduction:

Using the scenarios provided in each task, you will compose each of the three components of a cyberwarfare defense report. The defense report in its entirety should be written for the Department of Defense (DoD) Chief Information Officer (CIO). The defense report has been broken into three tasks, and each task should be submitted independently for scoring. Your report should be formatted in Arial 12-point font and double-spaced. For this task, you will write the cyberwarfare portion of the defense report, which should be 6–9 pages long.

Task 1: Cyberwarfare History and APT Profiling (suggested length of 6–9 pages)

Task 2: SCADA Network Evaluation and Defense-in-Depth Strategies (suggested length of 6–9 pages)

Task 3: Safeguards and Systems (suggested length of 2–4 pages)

Scenario:

You are a cybersecurity analyst who is part of the security team at Red Cell 637 Defense, a DoD contractor specializing in cyber operations and defensive strategies.

High-ranking federal government officials inform your team that recent intelligence shows an advanced persistent threat (APT) is performing active reconnaissance and is currently in the weaponize phase of the Cyber Kill Chain. The APT is believed to be looking at exploiting vulnerabilities in the computers that operate the Western Interconnection power grid. You are to assume that this APT originates from either a well-funded nation state or terrorist group. The APT has been able to probe and map the network over the course of several months during its reconnaissance phase. The officials have given your team access to classified intelligence indicating that the currently unidentified group is planning to install malware within the grid’s computer network that will disrupt power to eleven states.

Your team has been asked to work closely with the DoD, Department of Homeland Security (DHS), and other federal stakeholders to strengthen the security and safety of the power grid and its related computer information systems.

The DoD has requested a review of cyberwarfare history related to critical infrastructures and power generation. As part of this report, you will determine who the likely cyberattacker is and create a complete profile of the tactics, techniques, and procedures (TTP), cyber-related capabilities and motivation, as well as the physical and logical access of this cyberattacker.

Requirements:

Your submission must be your original work. No more than a combined total of 30% of the submission and no more than a 10% match to any one individual source can be directly quoted or closely paraphrased from sources, even if cited correctly. Use the Turnitin Originality Report available in Taskstream as a guide for this measure of originality.

You must use the rubric to direct the creation of your submission because it provides detailed criteria that will be used to evaluate your work. Each requirement below may be evaluated by more than one rubric aspect. The rubric aspect titles may contain hyperlinks to relevant portions of the course.

A. Evaluate the evolution of cyber-related capabilities and technologies in warfare since 1998. Be sure to reference academic or scholarly research to support your findings.

B. Explain the characteristics of an APT, including specific examples of the tradecraft commonly used by an APT to accomplish its intended goals.

C. Explain how the characteristics of the APT in the scenario are different from the threats or attacks that would have been attempted before 1998, before widespread access to the Internet.

D. Describe where on the network an attack could originate. Provide specific examples based on general critical infrastructure systems (CIS) vulnerabilities to justify your claims.

E. Create a profile of an attacker who could execute an attack on the Western Interconnection power grid. Your profile should include research-based information about the attacker’s probable resources, capabilities, and physical and logical access.

F. Acknowledge sources, using APA-formatted in-text citations and references, for content that is quoted, paraphrased, or summarized.