Applied sciences edmg600- week 4: scenario 2 part 1 & 2 assignment | EDMG600 | American Military University - Charles Town, WV

Applied Sciences EDMG600- Week 4: Scenario 2 Part 1 & 2 Assignment Tuffour.saInstructions Week 4: Scenario 2 Part 1 & 2 Assignment

EDMG Gen-AI Specific Policy:

Before beginning this assignment, be sure to read this EDMG Gen-AI Specific Policy. The link will provide you with the information needed to properly use AI. This assignment assesses CO-4, CO-5, & CO-6. Based on the information provided in week 3, scenario 2: part 1 and week 4, scenario 2: part 2, you will answer a series of questions concerning the issues around initial indications and reporting. Identify any additional requirements, critical issues, decisions, or questions you may have at this time. Directions For this assignment, answer the following questions over Scenario 2, Parts 1 & 2.

  • Review Week 3: Scenario 2 Part 1 and Week 4: Scenario 2 Part 2.
  • In an MS Word document, answer the following questions. Title each section with the question.
  • Based on the existing threat, what should be the priority for the Bunnyville Hospital Biomedical Engineering (BME) regarding equipment misreporting?
  • Based on the existing threat, what should the Bobsville emergency management program do as the threats and attacks begin?
  • What is the priority of cyber preparedness, including cybersecurity, within Bobsville?
  • Describe how local law enforcement and cyber threat information-sharing mechanisms, products, and other considerations should be communicated with businesses and critical infrastructure partners.
  • At what point would you contact law enforcement? For situational awareness reporting?
  • Submit the MS Word document under Assignments. Name the file "EDMG600Week4_YourLastName.doc/x"

Submission Guidelines

  • Upload the MS Word document under Assignments.

Resources & Supports

  • Week 3 Scenario 2: Part 1
  • Week 4 Scenario 2: Part 2
  • Office 365: Learn how to obtain Office365 access on the University Guidelines & Resources page, under Required Software & Technology.
  • Submitting and Confirming a Submission: Watch this 3-minute video if you need guidance on submitting your assignment.

Scenario 2: Part 2

Initial Indications and Reporting: September 2023 September 9 Information Security Officers (ISO) at the Bunnyville Hospital have been reporting to the Bobsville emergency manager that the network is experiencing sporadic system slowdowns and degradation to administrative operations. They are unable to determine the cause and extent of the problem. They are working to try and fix the issue. September 10 Flow analysis from several critical infrastructure providers in Bobsville at departmental levels reports functions and networks showing traffic to unknown sites at traditionally low traffic times. September 11 On a CISA conference call, a "coast is clear" was issued on reported vulnerabilities. Bobsville and Bunnyville Hospital computer administrators are encouraged to ensure all firewall and antivirus software is current, monitor networks and websites, and install patches. Bunnyville Hospital was also encouraged to include scanning of isolated Bio-Medical Devices (BMD) networked devices. Unknown to the OIT personnel, they inadvertently shared the malware embedded in the patches onto BMD devices when they scanned the BMD devices. September 12 Bobsville's mayor's office received a threat against the power utility control systems from unknown persons. The threat stated that the nuclear power plant just outside of Bobsville would suffer a hot shutdown and that the people of Bobsville would experience the wrath of a radioactive meltdown of the plant core. September 13 At 0815 hours, the FBI was informed of a cyberattack on critical utility infrastructure throughout the nation. The Town of Bobsville has not experienced any actual Trojans or Denials of Services (DOS) on its critical infrastructure from the cyber-attack. September 13 The Bobsville University security personnel reported that student biographic room access cards were not working. Students also report that the cards' Personal Identifiable Information (PII) is compromised as they receive calls from credit card companies to verify information for credit card applications. September 13, 2023, 8:20 AM The University and local schools start reporting lights flickering, and throughout Bobsville, there seems to be the beginning of blackouts trying to occur. Bunnyville Hospital starts experiencing network problems. Biomedical Engineering (BME) is receiving numerous calls of BMD equipment failures. Such as:

  • Operating Room has problems/network delays connecting the Anesthesia Records Keeping (ARK) workstations to the ARK system server.
  • Radiation Therapy cannot connect to linear accelerator servers for the Eclipse treatment planning system and Aria scheduling server.
  • Unknowingly, the cyberattack shut down all BMD Access Control Lists (ACLs).
  • Telemetry RNs are calling BME and reporting false data on telemetry equipment. A patient expired while a normal sinus rhythm was displayed on the screen even after the patient had expired.

The Office of Information and Technology (OIT) is getting calls about sporadic network problems. Users are calling the OIT help desk with numerous issues:

  • Files cannot be located.
  • There is an unknown problem.
  • Connection to Microsoft Exchange has been lost. Outlook will restore the connection when possible.

Key Issues

  • Threat to the power plant.
  • Critical infrastructure attacks occurring nationwide.
  • Student PII issues.
  • Bunnyville Hospital experienced a patient's death due to inaccurate readings from ICU monitors.

Scenario 2: Part 1

Initial Indications and Reporting: August 2023 Reassessment Trigger: Revisiting Past Events After hearing public reports about the intentions of the adversary group, the Bunnyville Hospital recalled an incident several months earlier that hadn't been reported to any authorities. An employee was caught bringing a thumb drive into a server room, violating organizational IT policy. This same individual committed a second violation when he connected his smartphone to his desktop workstation via a USB cable. Bunnyville Hospital terminated the employee following the second violation of IT policy. At the time, Bunnyville Hospital did not consider the incident more than an internal matter. However, after a series of unexplained systems crashes and performance issues coinciding with the public reporting concerning UA, the Bunnyville Hospital re‐evaluated the significance of past events and filed a report. Speculation on UA's Potential Impact Vectors Following the reporting of the Bunnyville Hospital event (and other reports received from an unknown number of similarly impacted entities) and considering the UA announcements, multiple independent security researchers/security bloggers speculate over potential attack vectors and resulting impacts. Some of the assertions include the ability to:

  • "Own" a wide variety of internet-connected consumer devices (gaming consoles, television, digital video recorders, security systems, surveillance systems, and Voice Over Internet Protocol (VOIP) phones);
  • The ability to enable the microphones and cameras on these devices;
  • Use these devices in denial of service‐type attacks;
  • Create a distributed supercomputer; and
  • Create a cloud storage network.

Fundamentally, these researchers suggest potentially long-lasting security implications from internet-connected devices. CISA and US-CERT Reports: Conference Room Phone Anomalies The CISA and the United States Computer Emergency Readiness Team (US‐CERT) receive reports concerning a recent evaluation of conference room phone systems utilized by numerous organizations at all levels of the public and private sectors. The reporting indicates the phones would surreptitiously make outgoing calls on their own. There is no visual evidence of the outgoing calls as the phones do not "light up." Employees noticed the phones were in use when making an outgoing call. The Bunnyville Hospital is looking into what number(s), if any, are being dialed from their phones, as this is occurring daily. Key Issues

  • Unbeknown to Bunnyville Hospital, a previous employee installed a trojan horse into the server preset to execute on a specific date and time.
  • Researchers suggest long-lasting security implications from internet-connected devices.
  • US-CERT reports show conference phones across multiple organizations in public and private sectors made outgoing calls on their own.
  • 7 months ago
  • 20
  • Homework
  • BSHS 325 Week 1 Individual Foundations of Human Development in the Social Environment Paper
  • 322 assessment 4 finan
  • Assignment 4: Developing a Critical Interpretive
  • Help
  • ops571 wk2 qu-2
  • mth
  • HCR 220 Week 7 Assignment Evaluating Compliance Strategies
  • Essay
  • PSYCH 525 Week 1 Individual Assignment History of Psychological Assessment Paper
3,205views
4.4
(234 ratings)

Related Study Guides

GEO101 | General Geology in Geology - Colorado state university

GEO 101 Colorado State University Collecting Local Weather Data Lab Report Module 7 WEATHER AND CLIMATE Part 1: Collecting Local Weather Data For the first part of this week's lab, you will need to co...

art-designstatistics

Assignment 3 Mobile Device Security Policy and Implementation | CSIS 343 - Cybersecurity

1. Introduction to Mobile Device Security: Provide an introduction to the importance of mobile device security, especially in the context of BYOD policies, and why it's crucial for protecting corporat...

political-sciencehuman-resources

Case study | Physiology homework help

Question 4: If Mark were your coworker, what important aspects of the situation would you want to keep in mind when offering advice and strategies to him? Why do you think this is important? Explain t...

art-designpolitical-science

COMP1115 Assignment 1 - Information Management System & Website

Information Management System & Website Microsoft Project Assignment COMP 1115 Assignment 1 You will be developing your own project for this assignment. Please choose a project (e.g., event, small ren...

art-designhuman-resources

Criminal justice 14 | Criminal homework help

8. Is prostitution connected to other crimes? What crimes? PART 4 The book for this course is Criminal-Law-OER.pdf Killeen Texas, May 1st, 2020. Sam likes to smoke crack and his addiction and related...

human-resourcespolitical-science

Discussion board | Applied Sciences homework help

5. Evaluate various listening approaches you could use in a specific situation and describe the best approach to accomplish your goals and enhance your career relationships with others. - Listening at...

communicationhuman-resources

Human resource management | Human Resource Management homework help

5. Are there pay disparities between males and females in the following jobs? · Forklift operators · Craters · Production Techs · Machine Operators Given your answers to ALL the previous questions, ex...

art-designhuman-resources

Module 2 assignment | management science through spreadsheets | Southern New Hampshire University - Manchester, NH

Module 2 Assignment hulksmashechQSO 320 Module Two Assignment Guidelines and Rubric Prompt: For this assignment, you will continue to use the workbook titled Labor Hours that you created for your Modu...

statisticshuman-resources

Need Help With A Similar Question?

Our experts deliver perfect solutions with guaranteed A+ grades

A+
Student Grade
98%
Success Rate
12h
Delivery Time
Join 1,000+ students who got their perfect solutions
Rated 4.9/5 by satisfied students

Need Help With This Question?

Academic Expert

Subject Matter Specialist

98%
Success Rate
24/7
Support

Why Students Trust Us

  • PhD-Level Expertise
  • Original Work Guarantee
  • Better Grade or Free

"Got an A+ on my assignment. Exactly what I needed!"

Recent Student