Homework Responses Wk 8

profileyellancnigg
YasirsPost.docx

Here we are, the last week of class, and for some, the last week of school, including myself.  For this week’s discussion, we summarize and analyze a business espionage case and create a security plan or a mitigation method to defuse the espionage act.

For this week, the case I decided to discuss took the FBI eleven years to uncover due to multiple factors, which I will discuss later. The two perpetrators in the case I am discussing hid their actions, such as intellectual property theft, extortion, computer fraud, and other crimes they committed on behalf of China. Li Xiaoyu and Dong Jiazhi worked for the Chinese Ministry of State Security, the equivalent of the CIA, for eleven years collecting intelligence, stealing intellectual property, and committing fraud. Both perpetrators hid their activities until they decided to penetrate the Department of Energy’s site to collect information and penetrate the IT network. They collected information that can cause enormous damage, such as admin accounts, usernames, and passwords from 2009 until 2020.

The due received training on hacking computer systems, stealing and transferring information, and extortion. Xiaoyu and Jiazhi extended their activities to the US and other countries, including Germany, the UK, Japan, and many other countries.  To accomplish their mission, the perpetrators evaded detection and collecting information by encrypting the data they stole in a RAR file format, exploited vulnerabilities in software, and targeted insecure configurations in applications.

In this case, Xiaoyu and Jiazhi are trained well on their tasks. They knew what information to steal, how to exploit vulnerabilities, and how to transfer information without detection. To mitigate the risk of a threat like the threat Xiaoyu and Jiazhi poses, security professional needs to implement physical access control measures and logical access control measures to prevent unauthorized access to the network and secured areas. Additionally, restricting access to information and conducting background checks before granting access to information play a role in such a case. While restricting access, physically and logically, to information mitigate some of the risks, it does not mitigate all the risks. Another way to mitigate the risk of exploiting software and applications is to ensure the InfoSec team and detection team is scanning for such vulnerabilities before releasing these applications and to fix the vulnerabilities as soon as they find out about them.

 

References

https://news.clearancejobs.com/2020/07/22/fbi-uncovers-11-years-of-chinese-economic-espionage/

https://www.justice.gov/opa/pr/two-chinese-hackers-working-ministry-state-security-charged-global-computer-intrusion