CT114-3-3-VCS Comprehensive Technical Report on Stuxnet Cyber Threat
- Subject Code :
CT114-3-3-VCS
- University :
Asia Pacific University of Technology and Innovation
- Country :
Malaysia
ASIA PACIFIC UNIVERSITY OF TECHNOLOGY & INNOVATION
CT114-3-3-VCS (Advanced Cyber Security)
Group Assignment
Intake: APU_APD3F2212CS(CYB-FRC)
Assigned date: Week 3
Mid Semester Progress: Week 7
Presentation: Week 13/14
Submission: Week 14
Assignment Question
This assignment will contribute 50% towards the module assessment marks and consists of a list of tasks as follows: Work in a team of 3 or 4. Find 1 recent data breach or cyber-attack related case study (2015-2022). Generate a comprehensive technical report with necessary evidence by completing the tasks below:
SECTION A (GROUP COMPONENT: 50%)
STUXNET ATTACK 2010
Critically analyze the important contexts in the selected case study and gather the following cyber threat intelligence on them:
Overview of the case study
Threat targets and potential impacts
Cybercrime profiling
Tactics, Techniques and Procedures (type of attack, attack vector(s) and vulnerability(s) exploited)
Summary and conclusion (combining Section A and B)
SECTION B (INDIVIDUAL COMPONENT: 50%)
Devise a plan on simulating the attack, mimicking the likely attack paths and techniques used by malicious actors (with tool-based demonstration as proof of concept and screenshots as evidence) - Breach and Attack Simulation Plan
Devise a plan on detecting these types of attacks (with tool-based demonstration as proof of concept and screenshots as evidence) - Detection Action Plan
Find 1 memory dump/hard disk image/pcap file/live data gathering relevant or similar to your case study to look for any evidence of malicious activities that can be used as forensic evidence. Critically analyse and present the findings with evidence containing traces of malicious activity (step-by-step screenshots and explanations) - Forensics Analysis
Devise a plan on responding to incidents and capturing forensic evidence on these types of attacks. Suggest a suitable prevention plan using any security technologies and propose suitable approaches to prevent these types of incidents from happening in the future (discussion might include Data Access Rights, Ethical Responsibility of IT Pros, Policies & Standards, etc.) - Incident Response Plan + Cyber Playbook + Prevention Action Plan
WARNING: DO NOT try the chosen tools or techniques on real systems! You should test and create your simulations by using isolated/testbed environments such as VMware, Metasploitable, DVWA (http://www.dvwa.co.uk/), etc.
Guidelines for the Report
Each group is required to conduct research and provide a report on the aforementioned areas. The report must be typed in Times New Roman font, size 12, with an approximate length of 8000 words (excluding diagrams, appendices and references).
Document the results of your work in a professional and systematic manner and submit one soft copy per group. Your completed documentation should meet the following requirements:
Table of contents (for every section)
Introduction
Sections (with detailed findings and critical analysis)
Conclusion
References
Appendices (if any)
Workload matrix
Submission requirements
All reports are to be submitted through the Moodle Online Submission.
Your report must be typed using Microsoft Word with Times New Roman font and 1.5 line spacing.
The report has to be well presented and should be typed.
The report should have a one (1) margin all around the page as illustrated below:
Every report must have a front cover. The front cover should have the following details:
Name
Intake code.
Subject.
Project Title.
Date Assigned (the date the report was handed out).
Date Completed (the date the report is due to be handed in).
All information, figures and diagrams obtained from external sources must be referenced using the APA referencing system accordingly.
Contents:
You must use enough of your own words to show that you understand your own assignment. Evidence of originality in your writing is reflected by the effort of paraphrasing and the use of your own personal expression in your individual analysis and evaluation.
You should not submit copy-and-paste work, as you may be awarded at most a PASS even when proper citations and referencing are given.
You must ensure that your writing is clear and concise, as quantity does not always guarantee quality. Therefore, you should not expect that writing more will earn a high mark unless the information is presented with clarity and relevance and with a high degree of analysis and evaluation.
Marking Rubrics: (Group Component 50%)
Grade bands: Full Mark (100%), Distinction (80%), Merit (60%), Pass (40%), Fail (20%), Zero (0%)
Critical Analysis and Justification (20 marks)
- Full Mark (100%): Exceptional critical evaluation on the selected topics with outstanding presentation of justification and validation presented on the discussed scenario and all other components
- Distinction (80%): A high-level critical evaluation on the selected topics with outstanding presentation of justification and validation presented on the discussed scenario and all other components
- Merit (60%): Good critical evaluation presented on the selected topics with good demonstration of justification and validation presented on the discussed scenario and other components
- Pass (40%): Minimal critical evaluation presented on the selected topics with satisfactory demonstration of justification and validation presented on the discussed scenario and all other components
- Fail (20%): None or poor amount of critical evaluation presented on the selected topics with poor or no demonstration of justification and validation presented on the discussed scenario
- Zero (0%): Zero critical evaluation
Summary and Conclusion (20 marks)
- Full Mark (100%): Exceptional summary and conclusion which contains all the following: assumption based on case study, limitation, challenges, recommendations, and further enhancement with no missing details.
- Distinction (80%): Excellent summary and conclusion which contains all the following: assumption based on case study, limitation, challenges, recommendations, and further enhancement with no missing details.
- Merit (60%): Good summary and conclusion which contains the following: assumption based on case study, limitation, challenges, recommendations, and further enhancement with some missing details.
- Pass (40%): Average summary and conclusion done which contains some of the following: assumption based on the case study, limitation, challenges, recommendations, and further enhancement
- Fail (20%): Poor summary and conclusion done which contains one or limited of the following: limitation, challenges, recommendations, and further enhancement
- Zero (0%): Zero or no summary and conclusion done
Coherence, Integration and Documentation (5 marks)
- Full Mark (100%): Exceptional quality of forming a unified documentation and integration of the sections is professional and natural. Exceptional document standards, outstanding in organization of each section. Overall documentation has a professional outlook.
- Distinction (80%): Good quality of forming a unified documentation and integration of the sections is professional and natural. Good document standards, good in organization of each section. Overall documentation has a professional outlook.
- Merit (60%): Satisfactory quality of forming a unified documentation and integration of the sections is professional and natural. Satisfactory documentation standards in most areas such as table of contents, referencing, page numbering, captioning, command of language.
- Pass (40%): Adequate quality of forming a unified documentation and integration of the sections is professional and natural. Overall average documentation standards in table of contents, referencing, page numbering, captioning, command of the language, etc.
- Fail (20%): Poor quality of forming a unified documentation and integration of the sections are professional and natural. Mostly poor documentation standards with missing components such as table of contents, referencing, page numbering, captioning, poor command of the language, etc.
- Zero (0%): Zero or no quality of unified documentation. None, or wrong documentation standards
Referencing (5 marks)
- Full Mark (100%): An almost professional documentation with exceptional format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made purposefully. All resources were cited and no plagiarism.
- Distinction (80%): A very good documentation with exceptional format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made purposefully. All resources were cited and no plagiarism.
- Merit (60%): A good documentation with satisfactory format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made persistently. Resources were cited with some missing citation and details
- Pass (40%): An acceptable documentation with acceptable format in documentation structure and referencing. The report follows a minimum referencing style that complies with the format, and the in-text citations are made clumsily. Some resources were cited but with missing or limited details.
- Fail (20%): A poor documentation with poor format in documentation structure and referencing. The report did not follow any referencing style that complies with the format, and the in-text citations are missing. The resources were not cited, and details were not provided.
- Zero (0%): Zero referencing
Marking Rubrics: (Individual Component 50%)
Grade bands: Full Mark (100%), Distinction (80%), Merit (60%), Pass (40%), Fail (20%), Zero (0%)
Technical Accuracy (10 marks)
- Full Mark (100%): Exceptional accurateness on evaluating the selected topic with accurate solutions provided to solve the issues related to the scenario. All investigations, tests and experiments show high level of technical accuracy.
- Distinction (80%): High level of accurateness on evaluating the selected topic with accurate solutions provided to solve the issues related to the scenario. All investigations, tests and experiments show high level of technical accuracy.
- Merit (60%): Good accurateness on evaluating the selected topic with good solutions provided to solve the issues related to the scenario. All investigations, tests and experiments show good level of technical accuracy.
- Pass (40%): Acceptable accurateness on evaluating the selected topic with acceptable but weak solutions provided to solve the issues related to the scenario. Investigations, tests and experiments show moderate level of technical accuracy.
- Fail (20%): Poor or inaccurate evaluation on the selected topic with wrong solutions provided to solve the issues related to the scenario. All investigations, tests and experiments show poor level of technical accuracy.
- Zero (0%): Zero or totally inaccurate evaluation
Critical Analysis and Justification (20 marks)
- Full Mark (100%): Exceptional critical evaluation on the selected topic with outstanding presentation of justification and validation presented on the discussed scenario and all other components
- Distinction (80%): A high-level critical evaluation on the selected topic with outstanding presentation of justification and validation presented on the discussed scenario and all other components
- Merit (60%): Good critical evaluation presented on the selected topic with good demonstration of justification and validation presented on the discussed scenario and other components
- Pass (40%): Minimal critical evaluation presented on the selected topic with satisfactory demonstration of justification and validation presented on the discussed scenario and all other components
- Fail (20%): None or poor amount of critical evaluation presented on the selected topic with poor or no demonstration of justification and validation presented on the discussed scenario and all other components
- Zero (0%): Zero critical evaluation
Presentation (10 marks)
- Full Mark (100%): Admirable presentation and demo being performed covering all aspects of the selected topic. Show distinguished quality, demonstrating authoritative grasp of a security analyst and has the excellent ability to effectively proposing a solution model for the scenario
- Distinction (80%): Good presentation and demo being performed covering all aspects of the selected topic. Show distinguished quality, demonstrating authoritative grasp of a security analyst and has the good ability to effectively proposing a solution model for the scenario
- Merit (60%): Satisfactory presentation and demo being performed covering most aspects of the selected topic. Show acceptable quality, demonstrating convincing grasp of a security analyst and has the good ability to effectively proposing a solution model for the scenario
- Pass (40%): Acceptable but poor presentation and demo being performed covering some aspects of the selected topic. Show acceptable quality, demonstrating minimal grasp of a security analyst and has the minimal ability to effectively proposing a solution model for the scenario
- Fail (20%): Very poor presentation and demo being performed covering limited aspects of the selected topic. Show poor or non-quality of presentation, demonstrating poor or inability to grasp of a security analyst and has no ability to effectively proposing a solution model for the scenario
- Zero (0%): Zero or No presentation
Documentation (5 marks)
- Full Mark (100%): Exceptional document standards, outstanding in organization of each section. Overall documentation has a professional outlook.
- Distinction (80%): Good document standards, good in organization of each section. Overall documentation has a professional outlook.
- Merit (60%): Satisfactory documentation standards in most areas such as table of contents, referencing, page numbering, captioning, command of language.
- Pass (40%): Overall average documentation standards in table of contents, referencing, page numbering, captioning, command of the language, etc.
- Fail (20%): Mostly poor documentation standards with missing components such as table of contents, referencing, page numbering, captioning, poor command of the language, etc.
- Zero (0%): None, or wrong documentation standards
Referencing (5 marks)
- Full Mark (100%): An almost professional documentation with exceptional format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made purposefully. All resources were cited and no plagiarism.
- Distinction (80%): A very good documentation with exceptional format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made purposefully. All resources were cited and no plagiarism.
- Merit (60%): A good documentation with satisfactory format in documentation structure and referencing. The report follows a referencing style that complies with the format, and the in-text citations are made persistently. Resources were cited with some missing citation and details
- Pass (40%): An acceptable documentation with acceptable format in documentation structure and referencing. The report follows a minimum referencing style that complies with the format, and the in-text citations are made clumsily. Some resources were cited but with missing or limited details.
- Fail (20%): A poor documentation with poor format in documentation structure and referencing. The report did not follow any referencing style that complies with the format, and the in-text citations are missing. The resources were not cited, and details were not provided.
- Zero (0%): Zero referencing