Unit 11 - Cyber Security & Incident Management
Stefan Costadinov Poptchev
Threat number. 1
Risk severity. Extreme
Threat title. Network is vulnerable to virus attacks because the anti-malware software isn’t up to date and configured.
Probability. Very likely because guests and staff are surfing the internet and receiving emails, meaning the network will pick up a virus at some point.
Potential size of loss / impact level. Major because once the virus is installed on the network it could slow down the network by taking all of the storage space or lock all the PCs, depending on the type of virus.
Explanation of the threat in context. As there is no mention of anti-malware / anti-virus software in the scenario, we can assume that there is none in place currently. Because users are surfing the internet and receiving emails from clients and guests, it is likely that the system will pick up a virus at some point, if it has not already: some of the emails might be phishing attempts, or users might accidentally visit an untrusted website that downloads malware onto the network. Moreover, malware might already be in the network, but because there is no anti-malware software currently installed, the company might be unaware of it. This means all of the company’s data is at risk of being stolen.
Threat number. 2
Risk severity. High
Threat title. Only one server available, no backups
Probability. Likely because the server will fail at some point as it is mechanical.
Potential size of loss / impact level. Major because if the server goes down, the company won’t be able to save anything on the server and any changes to the data will be lost.
Explanation of the threat in context. The server stores confidential information about the company, employees and customers. If it fails, employees and the company will not be able to access the information stored on the server, and any changes to the data will be lost. If the data gets deleted, either intentionally or accidentally, the company will not be able to restore it as there is no backup server available. The lost data might include the company’s trade secrets and other confidential information that is vital for the company. If data gets lost, this could lead the business to suffer reputational and income loss, as well as being sued for not being able to protect customer information according to GDPR.
Threat number. 3
Risk severity. Extreme
Threat title. Data stored on server is readable to everyone
Probability. Very likely because if the server is hacked then the hacker can read the data easily as it’s not stored in an encrypted format.
Potential size of loss / impact level. Major because the server has confidential information about customers and the company’s trade secrets; if these get stolen then the business will have to suffer several consequences.
Explanation of the threat in context. The server stores confidential information about customers and the company’s trade secrets. If this data gets stolen, the hacker can read it easily because it’s not stored in an encrypted format. As there is no mention of encrypting the confidential data stored on the server, we can assume that it’s not. After stealing the data, the hacker can use it for fraudulent purposes for financial gain, or reveal the information online to damage the company’s reputation. And because the company doesn’t have any proper backups, any stolen data can’t be recovered and any changes made to the data will be lost. (Only applies depending on scenario.)
Threat number. 4
Risk severity. High
Threat title. Files and folders are not stored in encrypted format
Probability. Likely because someone can get access to a user’s PC using a virus/infected links, or an employee with a grudge may get access to another employee’s PC if it’s left unattended/unlocked.
Potential size of loss / impact level. Major because if the hacker or intruder gets access to a high-privileged employee’s PC then he can access all the files on the PC as they aren’t encrypted.
Explanation of the threat in context. Just as the data stored on the server isn’t encrypted, the files and folders on employees’ and admins’ computers are not stated to be encrypted either. This means that if the hacker somehow gets access to the admin’s or an employee’s PC, which can be done via infected links that install a keylogger onto the PC when clicked, or by an employee with a grudge getting access to another high-privileged employee’s PC, the hacker can easily read, copy, modify or delete the files and folders on that device as they’re not encrypted. Otherwise it would be hard for him to get access to the information, as it would require a decryption key which is hard to generate.
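
Added example, not part of the original assessment: a defender's audit heuristic for Threats 3 and 4 that flags stored content an intruder could read without any key. The function names, thresholds and sample contents are assumptions constructed for illustration; high entropy is only consistent with encryption, since compressed files look the same.

```python
import math
import os
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: close to 8.0 for ciphertext, far lower for text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or common whitespace."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)

def classify(data: bytes, entropy_floor: float = 7.5, text_ceiling: float = 0.9) -> str:
    """Heuristic verdict for one file's contents (both thresholds are assumptions)."""
    if not data:
        return "empty"
    if printable_ratio(data) >= text_ceiling:
        return "readable-plaintext"   # anyone who copies the file can read it
    if shannon_entropy(data) >= entropy_floor:
        return "high-entropy"         # consistent with encryption or compression
    return "binary-unencrypted"       # structured binary, still not encrypted

def audit(files: dict) -> dict:
    """Map each name to a verdict; a real audit would read the bytes from disk."""
    return {name: classify(blob) for name, blob in files.items()}

# Constructed sample contents (not taken from the scenario).
SAMPLES = {
    "customers.csv": b"name,email,card\nA. Example,a@example.com,0000-0000\n" * 40,
    "payroll.db": bytes(range(64)) * 64,   # stand-in for an unencrypted database file
    "secrets.enc": os.urandom(4096),       # stand-in for ciphertext
}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{name:15} {verdict}")
```

Entropy estimates are unreliable on very small files, so verdicts on files of a few hundred bytes or less should be checked by hand.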
Threat number. 5
Risk severity. High
Threat title. Wi-Fi connection is not encrypted; outdated protocols used
Probability. Likely because the data transferring through Wi-Fi would be unencrypted and can be intercepted very easily since it’s readable to
Introduction