CYBR7001 Fundamentals of Cyber Security

The University of Queensland  
CYBR7001 Fundamentals of Cyber Security  
Assignment 1 – Individual Work  
  
Due Date: 02 September 1400hrs (Brisbane time)  
Total possible score: 100 marks (which contributes to 35% of total CYBR7001 assessment score)  
Submission: Only via Learn.UQ Blackboard site. Submit only in PDF format. Remember to put your name and student  
ID on the submission document.  
  
Please observe strict academic integrity. All submissions will be checked by Turn-it-in for plagiarism and for original written  
content. Submissions with 20% or higher similarity scores will be flagged for disciplinary action.  
  
Part 1: Situation Assessment and Policy Brief (50 marks)  
In this part of the assignment, you will take on the role of policy adviser of Lucky Country (LC) as part of a  
hypothetical cybersecurity taskforce, preparing to brief the LC Prime Minister’s Committee on National Security.  
This assignment information document contains fictional information on the background and current situation  
involving a major cyber incident affecting systems. The attacks notionally take place in 2024. The scenario  
presents a fictional account of political developments and public reporting surrounding the cyber incident.  
  
The LC Prime Minister’s Committee on National Security needs information on the full range of response options  
available to them regarding this incident. Your team has been tasked with developing an appropriate course of  
action for them to recommend to the LC Prime Minister.  
  
You are to consider as facts the following pages for formulating your response.  
  
You will use the fictional scenario material presented to write a Situation Assessment and Policy Brief (no  
more than 2 A4-sized pages; Arial font size 10):  
  
Write an analytical policy brief that provides a concise assessment of the situation, addresses potential impacts  
and risks, and discusses the implications of the cyber incident. Describe policy considerations for different  
potential state and non-state actors and explore the course of action you are recommending in depth.  
  
The length of the brief is limited to two single-sided pages in length.  
  
Part 1 marking rubrics:  
- 15 marks – Quality of situational assessment and analysis depth  
- 10 marks – Quality of immediate/short-term recommendations  
- 10 marks – Quality of long-term recommendations  
- 10 marks – Clarity of communication to appropriate audience  
- 5 marks – Writing style, grammar, structure and formatting  
Keep these tips in mind as you are reading and considering your policy response alternatives:  
● Analyse the issues. The goal of this assignment is to grapple with complex issues and weigh the strengths and  
weaknesses of sometimes conflicting interests. Priority should be given to analysis of the issues and not to listing  
all possible issues or solutions.  
● Engage the scenario. Believe that the universe we have created is plausible and that the events that happen in  
it are realistic. Nevertheless, remember to think critically about the intelligence you have been provided and its  
provenance.  
● Think multi-dimensionally. When analysing the scenario, remember to consider implications for other  
organizations 代写 CYBR7001 Fundamentals of Cyber Security  and domains (e.g. private sector, military, law enforcement, diplomatic) and incorporate these  
insights along with cyber security.  
● Consider who you are, and who you’re briefing. You are cyber policy professionals briefing the upper echelons  
of the Lucky Country government, which happened to have a very similar cyber security ecosystem as  
that of its ally Australia. As such, you should be ready to answer questions on agency responsibility, provide  
justifications for your recommendations, and have potential alternatives ready. In other words, for ease of  
describing the organisations in the ecosystem, you may use Australian organisations/agencies (e.g.  
LCCSC likened to ACSC, or any organisation from the Patrick Fair overview) in your brief.  
● Be creative. Cyber policy is an evolving discourse, and there is no single correct course of action to the  
scenario information provided. There are many ideas to experiment with in responding to the crisis.  
Note: Most of this part of the assignment is based on and referenced from the Atlantic Council Cyber 9/12 cyber competition packages. All  
materials included are fictional and were created only for the purpose of this assignment. All scenario content is for academic purposes and is not  
meant to represent the views of the university, authors, or any affiliated organizations. All names and places, if relating to any real-world  
characters or places, are purely coincidental. If you score really well, we may nominate you to represent UQ at the next competition. J  
CYBR7001 Assignment 1  
2  
From: Lucky Country (LC) Cyber Security Centre  
Re: Vulnerabilities in Key LC Systems Date: August 5th, 2024  
As senior policy advisers preparing to brief the Prime Minister’s Committee on  
National Security on a developing threat to LC, I’ll let you know what her leading  
worries are.  
Based off initial intelligence, the Prime Minister has indicated that she is concerned  
about threat vectors concerning the status of LC electricity supply security and how  
it could affect the rest of the nation. There may be other threat vectors that the  
PM is not yet aware of.  
Given the unclear nature of the threat, the PM requests your team prepare a concise  
assessment of the ongoing situation and reporting. Your assessment should include:  
How or where the relevant systems could be vulnerable to exploitation, and  
what steps can be made to mitigate these vulnerabilities;  
An assessment of potential risks and impacts to consider if the vulnerabilities  
are successfully exploited; and  
Immediate and long-term responses the LC government can or should consider to  
address these vulnerabilities, taking into account the severity and likelihood  
of the threat.  
To provide this assessment and policy recommendations, you will apply your  
understanding of UQ’s CYBR7001 (e.g. elements of cyber security threats,  
vulnerabilities, technologies involved, law, foreign policy, international relations,  
criminology) to synthesize useful policy measures from limited information. Your  
recommendation must analyse the possible strengths, weaknesses, opportunities, and  
threats of your proposed response.  
As policy advisers, in formulating your response you will be expected to have  
considered, at a minimum:  
 All stakeholders when determining an action or recommendation, including the  
role of the government and private sector;  
 The long and short-term impacts of your recommendation;  
Which agency will be responsible for the action you have recommended,  
 Whether you can, or should, attribute the threat; and  
 The covert or overt nature of your response.  
Additionally, this message is accompanied by several documents that may assist your  
team in preparing a comprehensive policy recommendation for the task force:  
Tab 1 – LCNN Article #1  
Tab 2 – LCNN Article #2  
 Twitter feeds  
  
CYBR7001 Assignment 1  
3  
LCNN Article #1  
  
[Breaking] Devastating Power Outage Across Lucky  
Country’s East Coast  
5th August 2024 0600 hrs LCT  
  
Report by Jonathan de Souza  
  
A power cut has hit all cities and towns along the entire east coast of the Lucky Country. The blackout  
lasted just over five hours and started just before 11pm on 4th August 2024, causing service disruption  
and possible life loss.  
  
The blackout caused all traffic lights and telecommunication base stations to malfunction and essential  
services to run on backup generator power. Several traffic accidents have occurred across most cities  
along the east coast. At least three hospitals reported power outages after their backup power were  
depleted after three hours, causing disruption to hospital operating theatres and intensive care units  
(ICU).  
  
There have been unconfirmed reports of a handful of patients affected by the disrupted operations and  
social media coverage of the chaos at affected emergency departments.  
  
Prime Minister Michelle Macintosh said the blackout was attributed to the outage of the grid system  
linking the entire east coast of the country and cited possible cyber-attacks on the country’s grid systems.  
  
The PM has activated the LC Defence Force to assist in all affected areas. She also urged all citizens  
to remain calm and stay indoors wherever possible.  
  
The PM elaborated that the attack was likely caused by a state actor deploying an advanced persistent  
threat vector on the power grid’s industrial control systems. When asked by LCNN, the PM refused to  
name the state actor involved.  
  
Cyber security expert Professor Andrew Cole said the electricity and power supply industry has been a  
sitting duck to cyber-attacks for a long time, with power companies guilty of ignoring the risks repeatedly  
highlighted by the LC Cyber Security Centre and many cyber security professionals.  
  
He said that power companies are guilty of negligence and bad governance, since the attacks were  
similar to the attacks on the Ukrainian power plants in 2015 and 2016, the January 2024 Ukraine cyber-  
attacks on government websites, and more recently, a smaller scale series of power outages on LC’s  
Old North Wales (ONW) state in June 2024.  
  
The cyber-security company Information Security and Assurance Partners (ISAP) has linked the  
incident to the hack and ONW blackout in June 2024 that affected 225,000. It also said a series of other  
recent attacks in South America were connected.  
  
CEO of Power Lucky Country, Mr Bradley Wilson, the company managing the grid line on LC’s East  
Coast, denied these accusations and said that the company has passed all cyber security audits and  
is certified to the ISO/IEC 27001 cyber security standard.  
  
The chief police commissioner, Commissioner Wilfred Chan, urged all members of the public to remain  
indoors and report possible looting to the police.  
  
Access to electricity is a major contention as the price of electricity has risen sharply across the country  
despite the increased unreliability of the providers. The loss of power could impact essential services  
and businesses throughout Lucky Country. The debate seems likely to continue further still as the  
country enters one of the coldest winters on record.  
  
More to come…  
  
CYBR7001 Assignment 1  
4  
LCNN Article #2  
  
Lucky Country Announces Sanctions on the  
Democratic People’s Republic of Korrelle  
20th May 2024 0900 hrs LCT  
  
Report by Santokh Singh  
  
The Prime Minister of Lucky Country Michelle Macintosh has announced that Lucky Country will impose  
economic sanctions and bans on all petroleum imports and coal exports for the Democratic People’s  
Republic of Korelle (DPRK).  
  
With this announcement, Lucky Country has joined at least five other nations announcing similar  
sanctions on the country embroiled in years of conflict with its neighbouring countries. The move is  
likely going to impact the already-impoverished DPRK, which has largely depended on fuel imports for  
its local economy.  
  
United Nations experts said in key sections of a recently released report obtained on 10th May by LCNN  
that DPRK has also evaded sanctions through “targeted” cyber attacks against officials of 10 countries  
on the U.N. Security Council and on members of its expert panel. They did not elaborate or identify  
which of the 10 council nations were targeted.  
  
In the report to the U.N. Security Council, the experts said DPRK has maintained its nuclear facilities  
and continues to produce fissile material, including highly enriched uranium, that can be used in nuclear  
weapons. It has also continued “to develop infrastructure and capacity for its ballistic missile program”  
and moved ahead on construction of an experimental light water reactor, they said.  
  
CYBR7001 Assignment 1  
5  
Twitter Feeds  
  
(Note: Do not post these fictitious tweets online)  
CYBR7001 Assignment 1  
6  
Part 2 – Case Study (50 marks)  
  
In this part of the assignment, you will take on the role of Chief Information Security Officer (CISO) of Norsk  
Hydro when it was just struck by a cyber-attack.  
  
See: https://news.microsoft.com/transform/hackers-hit-norsk-hydro-ransomware-company-responded-transparency/  
  
You are encouraged to do your own research.  
  
Write an advisory (limited to 800 words) for the company’s senior management  
o Using the Lockheed Martin Cyber Kill Chain as a visual tool, detail the events which led to the cyber-attack.  
(5 marks)  
o Describe the actor(s), motivation(s) and vulnerabilities involved in this attack. (10 marks)  
o Recommended actions for the company. (10 marks)  
o In bullet point form, key things to note for a media press release to media companies. (10 marks)  
o Longer-term mitigation strategies for the company to prevent such attacks from happening again (hint: many  
strategies and approaches were described in the CYBR7001 lectures). (15 marks)  
  
(Note that the word limit is strict. Exceeding the word limit may result in penalties).  
  
End of Assignment 1  

posted @ 2024-08-31 12:16  l40t2j  阅读(1)  评论(0编辑  收藏  举报