For this discussion, consider the business you selected for your course project.

by Caaltu · May 20, 2024

For this discussion, consider the business you selected for your course project. Pretend that while you were working to perform a risk assessment on the organization the unthinkable occurred – you discover it has been hacked (and may, in fact, still be under attack). At this moment, you have no idea how long this has been going on, the level of damage, the persistence of the hack, and what (if anything) has been compromised. You have learned that some hackers may gain access to network resources and stay relatively inactive until there is something of value to steal or exploit. Other hackers seek to embarrass or steal quickly, hoping to benefit immediately from the access gained. You do not know which type of situation you have, what type of hacker(s) you are dealing with, if it is a lone instance, or if there are multiple exploits across your organization’s vast network.
Now consider you found a way to answer at least some of these questions quickly. While you may not have all the answers, you have identified some characteristics of this hack and need a plan to move forward. Moving forward includes isolating all access and compromised systems, identifying hacking methods (what was successful and what was not), and determining if the hack is a compromise that must be reported per the governance required of your type of business or industry.
Create a basic plan of how you would identify the extent of the damage/access/breach.
Who/what has hacked your organization?
What was the goal?
What can you do to immediately triage the organization’s network?
What specific steps can be taken?
Who should be notified?
Do you alert your customers/patients/students/stakeholders?
***The selected line of business for my course project is digital forensics.***