Weekly Discussions
Total tasks: 7
Format: APA
Number of words per task: 200.
Number of references per task: 2 or 3
Task 1:
Let’s look at a real-world scenario and how the Department of Homeland Security (DHS) plays into it. In the scenario, the United States will be hit by a large-scale, coordinated cyber-attack organized by China. These attacks debilitate the functioning of government agencies, parts of the critical infrastructure, and commercial ventures. The IT infrastructure of several agencies is paralyzed, the electric grid in most of the country is shut down, telephone traffic is seriously limited, and satellite communications are down (limiting the Department of Defense’s [DOD’s] ability to communicate with commands overseas). International commerce and financial institutions are also severely hit.
Q: Please explain how DHS should handle this situation.
Task 2:
In today's world, both government and the private sector are struggling to provide a secure, efficient, timely, and separate means of delivering essential services internationally. As a result, these critical national infrastructure systems remain at risk from potential attacks via the Internet.
It is the policy of the United States to prevent or minimize disruptions to the critical national information infrastructure in order to protect the public, the economy, government services, and the national security of the United States. The Federal Government is continually increasing capabilities to address cyber risk associated with critical networks and information systems.
Q: Please explain how you would reduce potential vulnerabilities, protect against intrusion attempts, and better anticipate future threats.
Task 3:
Attacks on our national infrastructure are already happening. And the expectation is that they will continue to increase at an accelerated rate. For this week's discussion, we'll cover threats to our nation's pipelines. To get started, read this article:
https://www.eenews.net/stories/1060054924
Q: After reading the article, discuss how the types of threats discussed in the article could impact our economy, and how implementing Diversity and Commonality (as discussed in chapters 4 and 5) could help mitigate these threats.
Task 4:
This defense in depth discussion scenario is an intentional cybersecurity attack on the water utility’s SCADA system. It occurs during the fall after a dry summer in Fringe City. The water utility’s Information Technology (IT) person did not receive an expected pay raise and decides to reprogram the SCADA system to shut off the high-lift pumps. The operator’s familiarity with the SCADA system allows him to reprogram the alarms that typically notify operators of a high-lift pump failure. In addition, he prevents access to the SCADA system by others. A wildfire breaks out on the outskirts of the city. Please identify what type(s) of new countermeasures should have been implemented to prevent this cyber attack from occurring.
Q: Discuss what type(s) of new countermeasures should have been implemented to prevent the cyber-attack described above from occurring. Be specific in recommending countermeasures for this scenario.
Task 5:
In this scenario, hackers launch cyber-attacks that affect several parts of the nation’s financial infrastructure over the course of several weeks. Specifically, sensitive credit card processing facilities are hacked and numbers are released to the Internet, causing 120 million cards to be cancelled; automated teller machines (ATMs) fail nearly simultaneously across the nation; major companies report payroll checks are not being received by workers; and several large pension and mutual fund companies have computer malfunctions so severe that they are unable to operate for more than a week. Identify the countermeasures that need to be implemented to prevent these cyber-attacks from occurring in the future.
Q: Discuss what type(s) of countermeasures need to be implemented to prevent the cyber-attack described above from occurring in the future. Be specific in recommending countermeasures for this scenario.
Task 6:
Chapter 6 discusses the concept of correlation. Assume that an agency has focused its system development and critical infrastructure data collection efforts on separate engineering management systems for different types of assets and is working on the integration of these systems. In this case, the agency focused on the data collection for two types of assets: water treatment and natural gas delivery management facilities.
Q: Please identify what type of critical infrastructure data collection is needed for pavement and storm water management facilities.
Task 7:
Chapter 7 discusses situational awareness. Much of the security effort of the past has been centered on prevention and protection. The increasing sophistication of cyber-attacks has shown that no controls are 100% effective, and some compromises do occur. There is a rising realization that in addition to considering prevention and protection, controls that address detection and response are necessary to improve security posture.
Q: Please describe how situational awareness is a driver for detection and response controls.