Case Link: Russian National Indicted for Conspiracy to Introduce Malware into a Computer Network
1. In the case from the link above, what are some steps we can take to prevent such incidents from occurring?
2. How would you report this case if you were CISO of the company ?
3. Based on this type of malware hacking incidents, what laws could affect this type of cyber attack?
4. What are some punishments which would result from this type of case?
The best way to prevent such attacks in the future will be to make sure that there is separate infrastructure for security in place and users need to make sure not to share or use credentials for any reason other than what they are meant for. Updating software regularly and reporting as well as fixing any other issues like bugs or vulnerabilities is essential (How to Prevent Cyberattacks: Top Ways to Protect Yourself, 2020). Doing regular checkups and regularly making sure to fix issues while learning from past breaches is essential as well.
In order to report this attack, I would firstly towards making sure that I had an idea of the relevant government organizations that will be involved in the entire process. It will be essential to involve all relevant government, regulatory and federal agencies and report them all the incidents that have taken place (The Cyber Threat , 2020). The importance there is that they would be best equipped to advise how to move forward, how to work towards a solution and also learn from it to develop better and more developed infrastructure as well as put in safeguards to make sure the potential for issues in the future is reduced as much as possible.
Considering that the effort to gain access to private information was done in order to make sure that the information can be used for blackmail later opens up the issue to criminal prosecution. The first issue was hacking which applies the Federal Computer Fraud and Abuse Act which is the primary statute that prosecutes cybercrime and calls for civil and criminal penalties, according to its definitions this does apply (USA: Cybersecurity Laws and Regulations 2021, 2020). Considering that there was an attempt to gain access to unauthorized information as well as want to blackmail the sentence could range from 1 year to around 20 years in prison and depending on the type of information that could be further increased as well.
References:
How to Prevent Cyberattacks: Top Ways to Protect Yourself. (2020). Retrieved from Maryville University: edu/blog/how-to-prevent-c…”>https://online.maryville.edu/blog/how-to-prevent-c…
The Cyber Threat . (2020). Retrieved from FBI: https://www.fbi.gov/investigate/cyber (Links to an external site.)
USA: Cybersecurity Laws and Regulations 2021. (2020, 11 2). Retrieved from ICLG: com/practice-areas/cybersecurity-laws-and-regulations/usa” title=”https://iclg.com/practice-areas/cybersecurity-laws…”>https://iclg.com/practice-areas/cybersecurity-laws…
0 comments