Computer Science Homework Help

This assignment will require you to write a professional cyber threat intelligence report that will be used to brief C-level executives at a Fortune 100 global defense & aerospace corporation of the threat posed to the company by a suspected Chinese cyber espionage activity commonly referred to as “Temp.Periscope” and “Leviathan.”

Requirements:

In a 5+ page report, please provide an intelligence assessment of the threat posed to your organization by the adversary group listed above. This report should contain as much contextual information as possible, including any and all available indicators of compromise (IOCs) that may help cyber security staff perform threat hunting activities for signs of a network intrusion event.

Please structure your report into three sections based upon the strategic, operational and technical information you are able to collect, analyze and provide an assessment on. In addition, when providing your assessment, please use estimative language found in the diagram on the following webpage: https://twitter.com/y0m/status/982883765809631232

I’d also like you to include a Maltego graph in your report showing the different IOCs you’ve collected – you can download the software via the following link: https://www.paterva.com/web7/downloads.php

• Remember, Control + T will enable you to create a new graph within Maltego

Some of the considerations you may want to consider when writing your report include but aren’t limited to:

1. What threat actor or group is allegedly responsible for these attacks?
2. Is the threat actor or group linked to a foreign nation-state?
3. What was the suspected motivation or goal of the attacks?
4. Were any vulnerabilities (known or zero-day) associated with these attacks?
5. What tactics, techniques & procedures (TTPs) were used in the attacks?
6. What malware and tools does this threat group utilize?
7. Are there any indicators of compromise (IOCs) associated with the attacks?
8. What recommendations would you make to senior leadership to reduce the risk posed by this cyber adversary?

Here are some examples of open source reporting on this topic that you may consider using for your report:

https://www.accenture.com/us-en/blogs/blogs-iDefense-anomali-detect-18-recap

https://www.washingtonpost.com/world/national-security/china-hacked-a-navy-contractor-and-secured-a-trove-of-highly-sensitive-data-on-submarine-warfare/2018/06/08/6cc396fa-68e6-11e8-bea7-c8eb28bc52b1_story.html?noredirect=on&utm_term=.35f5fbfefee0

https://www.fireeye.com/blog/threat-research/2018/03/suspected-chinese-espionage-group-targeting-maritime-and-engineering-industries.html

https://www.fireeye.com/blog/threat-research/2018/07/chinese-espionage-group-targets-cambodia-ahead-of-elections.html

https://www.proofpoint.com/us/threat-insight/post/leviathan-espionage-actor-spearphishes-maritime-and-defense-targets

You are encouraged to perform additional open source research on this topic to collect as much information a possible to support your intelligence product. Please provide a list of all external sources (URLs are sufficient) on the last page of your report.