Employees of a Country A-based computer company are accused of having conducted numerous distributed denial of service attacks against the financial services sector and having accessed the industrial control system of a dam in Country B. Significant economic damage was reported by the financial services sector; the dam, however, reported only information theft. While the perpetrators gained access to the industrial control system (ICS) of the dam which would enable remote modification and operation of its system, the part of the ICS that would enable this modification and operation was offline and undergoing maintenance at the time of the incident. It is believed that these employees were sponsored by Country A.
• What type of cyber-incident is this scenario describing? Why do you think so?
• What would be needed to prove that Country A was responsible?
• What are some obstacles you may encounter in proving that Country A was responsible?
• What actions can be taken in response to this cyber-intervention? Why do you think so?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here