In my opinion, the threat that poses the most risk at
DBR is an advanced persistent threat (APT). One of the reasons I feel this way
is because although the methods that the hackers use to gain access into a
desired network are nothing unusual (e.g. social engineering techniques,
malware, backdoors, etc.), once they are inside the network, they are
constantly adjusting their methods in order to try and remain undetected
(Tankard, 2011).  They want to remain
undetected in order to gather as much desirable information as possible over a
long period of time (Rouse, n.d.; Tankard, 2011).  Therefore, they want to stay under the radar
versus getting into and out of a system quickly (Tankard, 2011).  Since they adjust their methods once inside
the network, it makes it very challenging for any organization to defend
against these kinds of attacks (Tankard, 2011).

is exactly the type of company anyone who would want to launch an APT would
want to attack.  DBR’s intellectual
property is extremely valuable.  As the
case study points out, DBR is at least 5 years ahead of the competition, has
recently released a new prototype, and is expanding into foreign state-run
offshore oil operations (Information Systems Audit and Control Association
(ISACA), 2014).  In addition, the
company’s current network infrastructure would be easy to invade.  A mix of Microsoft Windows and Linux
operating systems, local virus scanners, and a virtual private network (VPN)
managed by three information technology (IT) staff would be no match for the
advanced skill levels of those hackers that carry out APTs (ISACA, 2014).

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now