Applied sciences edmg600- week 4: scenario 2 part 1 & 2 assignment | EDMG600 | American Military University - Charles Town, WV
Tuffour.sa
Instructions
Week 4: Scenario 2 Part 1 & 2 Assignment
EDMG Gen-AI Specific Policy:
Before beginning this assignment, be sure to read this EDMG Gen-AI Specific Policy. The link will provide you with the information needed to properly use AI.
This assignment assesses CO-4, CO-5, & CO-6. Based on the information provided in week 3, scenario 2: part 1 and week 4, scenario 2: part 2, you will answer a series of questions concerning the issues around initial indications and reporting. Identify any additional requirements, critical issues, decisions, or questions you may have at this time.
Directions
For this assignment, answer the following questions over Scenario 2, Parts 1 & 2.
- Review Week 3: Scenario 2 Part 1 and Week 4: Scenario 2 Part 2.
- In an MS Word document, answer the following questions. Title each section with the question.
  - Based on the existing threat, what should be the priority for the Bunnyville Hospital Biomedical Engineering (BME) regarding equipment misreporting?
  - Based on the existing threat, what should the Bobsville emergency management program do as the threats and attacks begin?
  - What is the priority of cyber preparedness, including cybersecurity, within Bobsville?
  - Describe how local law enforcement and cyber threat information-sharing mechanisms, products, and other considerations should be communicated with businesses and critical infrastructure partners.
  - At what point would you contact law enforcement? For situational awareness reporting?
- Submit the MS Word document under Assignments. Name the file "EDMG600Week4_YourLastName.doc/x"
Submission Guidelines
- Upload the MS Word document under Assignments.
Resources & Supports
- Week 3 Scenario 2: Part 1
- Week 4 Scenario 2: Part 2
- Office 365: Learn how to obtain Office365 access on the University Guidelines & Resources page, under Required Software & Technology.
- Submitting and Confirming a Submission: Watch this 3-minute video if you need guidance on submitting your assignment.
Scenario 2: Part 2
Initial Indications and Reporting: September 2023
September 9
Information Security Officers (ISO) at the Bunnyville Hospital have been reporting to the Bobsville emergency manager that the network is experiencing sporadic system slowdowns and degradation to administrative operations. They are unable to determine the cause and extent of the problem. They are working to fix the issue.
September 10
Flow analysis from several critical infrastructure providers in Bobsville at departmental levels reports functions and networks showing traffic to unknown sites at traditionally low traffic times.
September 11
On a CISA conference call, a "coast is clear" was issued on reported vulnerabilities. Bobsville and Bunnyville Hospital computer administrators are encouraged to ensure all firewall and antivirus software is current, monitor networks and websites, and install patches. Bunnyville Hospital was also encouraged to include scanning of isolated Bio-Medical Devices (BMD) networked devices. Unknown to the OIT personnel, they inadvertently shared the malware embedded in the patches onto BMD devices when they scanned the BMD devices.
September 12
Bobsville's mayor's office received a threat against the power utility control systems from unknown persons. The threat stated that the nuclear power plant just outside of Bobsville would suffer a hot shutdown and that the people of Bobsville would experience the wrath of a radioactive meltdown of the plant core.
September 13
At 0815 hours, the FBI was informed of a cyberattack on critical utility infrastructure throughout the nation. The Town of Bobsville has not experienced any actual Trojans or Denial of Service (DoS) attacks on its critical infrastructure from the cyber-attack.
September 13
The Bobsville University security personnel reported that student biographic room access cards were not working. Students also report that the cards' Personally Identifiable Information (PII) is compromised, as they receive calls from credit card companies to verify information for credit card applications.
September 13, 2023, 8:20 AM
The University and local schools start reporting lights flickering, and blackouts appear to be beginning throughout Bobsville. Bunnyville Hospital starts experiencing network problems. Biomedical Engineering (BME) is receiving numerous calls reporting BMD equipment failures, such as:
- Operating Room has problems/network delays connecting the Anesthesia Records Keeping (ARK) workstations to the ARK system server.
- Radiation Therapy cannot connect to linear accelerator servers for the Eclipse treatment planning system and Aria scheduling server.
- Unknowingly, the cyberattack shut down all BMD Access Control Lists (ACLs).
- Telemetry RNs are calling BME and reporting false data on telemetry equipment. A patient expired while a normal sinus rhythm was displayed on the screen, and it remained displayed even after the patient had expired.
The Office of Information and Technology (OIT) is getting calls about sporadic network problems. Users are calling the OIT help desk with numerous issues:
- Files cannot be located.
- There is an unknown problem.
- Connection to Microsoft Exchange has been lost. Outlook will restore the connection when possible.
Key Issues
- Threat to the power plant.
- Critical infrastructure attacks occurring nationwide.
- Student PII issues.
- Bunnyville Hospital experienced a patient's death due to inaccurate readings from ICU monitors.
Scenario 2: Part 1
Initial Indications and Reporting: August 2023
Reassessment Trigger: Revisiting Past Events
After hearing public reports about the intentions of the adversary group, the Bunnyville Hospital recalled an incident several months earlier that hadn't been reported to any authorities. An employee was caught bringing a thumb drive into a server room, violating organizational IT policy. This same individual committed a second violation when he connected his smartphone to his desktop workstation via a USB cable. Bunnyville Hospital terminated the employee following the second violation of IT policy. At the time, Bunnyville Hospital did not consider the incident more than an internal matter. However, after a series of unexplained systems crashes and performance issues coinciding with the public reporting concerning UA, the Bunnyville Hospital re-evaluated the significance of past events and filed a report.
Speculation on UA's Potential Impact Vectors
Following the reporting of the Bunnyville Hospital event (and other reports received from an unknown number of similarly impacted entities) and considering the UA announcements, multiple independent security researchers/security bloggers speculate over potential attack vectors and resulting impacts. Some of the assertions include the ability to:
- "Own" a wide variety of internet-connected consumer devices (gaming consoles, television, digital video recorders, security systems, surveillance systems, and Voice Over Internet Protocol (VOIP) phones);
- Enable the microphones and cameras on these devices;
- Use these devices in denial of service‐type attacks;
- Create a distributed supercomputer; and
- Create a cloud storage network.
Fundamentally, these researchers suggest potentially long-lasting security implications from internet-connected devices.
CISA and US-CERT Reports: Conference Room Phone Anomalies
The CISA and the United States Computer Emergency Readiness Team (US-CERT) receive reports concerning a recent evaluation of conference room phone systems utilized by numerous organizations at all levels of the public and private sectors. The reporting indicates the phones would surreptitiously make outgoing calls on their own. There is no visual evidence of the outgoing calls as the phones do not "light up." Employees noticed the phones were in use when making an outgoing call. The Bunnyville Hospital is looking into what number(s), if any, are being dialed from their phones, as this is occurring daily.
Key Issues
- Unbeknown to Bunnyville Hospital, a previous employee installed a trojan horse into the server preset to execute on a specific date and time.
- Researchers suggest long-lasting security implications from internet-connected devices.
- US-CERT reports show conference phones across multiple organizations in public and private sectors made outgoing calls on their own.