Research Paper on NSA Data Breach

Research Paper: NSA Breach

• NSA Data Breach by Shadow Brokers

This is a group that was reported to have surfaced in Jan 2017; the group claimed to have breached the spy tools of the National security Agency operation in the United States. The organization failed to control the situation and was faced with significant challenges. To prove their existence and the seriousness of the threat, the shadow brokers presented a sample of the alleged stolen data from the NSA servers and attempted to auction it to the biggest bidder. Additionally, on April 2017, the group marked their impactful release by threatening to sell the files to the highest bidder. Such activities have proven to affect the operation of the agencies and their need to formulate a necessary mechanism to counter the attacks (Kruse, 2017). The identity of this group of hackers is still unknown. Some of the issues raised about this group are the use of bugs in a commercial product for intelligence-gathering.

I have chosen to discuss this incidence because there are important things to learn about the event and the magnitude of the impact.Companies, individuals and government agencies are not safe from the attacks. If the organizations such as NSA in the United States can be hacked and threated then personal attacks have been happening, and these parties have destroyed many life’s both economically and socially (Kruse, 2017).

Another problem that makes the discussion useful is that most of the agencies and the companies affected by cyber-attacks remain silent after the incidents. This makes the problem even worse as the culprits can continue attacking and making threats. In the event the organization raised the alarm, other sectors would become an employee and put up security measures to counter any possible attack. The agencies are expected to notify vendors about any potential threats so as they can patch the vulnerabilities and protect their customers. These attacks can lead to events that can alter the relationships between countries and the companies.

WHAT IS NEEDED

Your final paper should be 8-10 pages long (double-spaced in a reasonable font size). It will answer the following questions about the cyber attack that you are researching:

1. Who (organization/company/individual) was the target?
2. What was the goal of the attack?
3. How was it discovered?
4. What were the effects/results of the attack?
   • What kind of disruption occurred – stoppage of service? loss of data?
   • Was the attack successful in its goal?
5. How was the attack done?
   • For this question, refer to the Cyber Kill Chain as a guide. As well as you can, indicate how closely the attack followed this pattern.
   • Some cyber attacks have more information than others made public. Do your best to find out the details of the attack you are studying.
6. What has been done to mitigate the effects of the attack?
   • What has the target organization done after the attack was identified?
   • If customer data was involved, how was this addressed?
   • What changes have been made to systems or procedures in the wake of the attack?
7. What lessons can be learned overall from this attack?
   • What can other organizations do to avoid attacks like this?
   • What can individuals (customers) do to avoid losing data or service if a company with whom they do business is the victim of this kind of attack?
8. Other interesting / pertinent information
   • If there is anything else about this particular attack that you think is important, please include it in your paper.

You can use whatever format you like for your paper and answer the above questions in any way that works. Your paper will be graded on the following criteria:

• How well it answers the questions above
• Good use of references
• Good flow in the paper. Sometimes the use of labeled sections can help to make a paper more readable. This is not required, but may help in organization of ideas as well.

Notes on choosing sources:

Please choose your sources carefully. Here are a few tips that you can use when doing your research.

• If you use a web site as a source, be sure that it is verifiable and reliable. For information about how to choose web sources wisely, see these links:
  • Johns Hopkins University Library – Evaluating Information Found on the Internet – http://guides.library.jhu.edu/content.php?pid=198142&sid=1657518
  • UC Berkeley Library – Evaluating Web Pages: Techniques to Apply & Questions to Ask – http://www.lib.berkeley.edu/TeachingLib/Guides/Internet/Evaluate.html
• DO NOT use Wikipedia as a source for your paper. While Wikipedia can be a valuable reference for learning about a lot of topics, it is not a primary source. You may use Wikipedia for basic information, but for citations for your paper, you may want to look at the list of citations on the Wikipedia page for your sources.
• If you choose to cite a blog post, be sure that you indicate that it is a person’s opinion and not necessarily fact. If the blogger is a reliable expert on your topic, make sure to note this in the paper or in the reference citation.
• Be careful when citing commercial web sites for facts about a product. While these sites will not necessarily state anything untrue, it is likely that the information will be skewed with a bias towards the company’s own products.