
Cybersecurity Policy and Baseline Analysis Report

Abstract

The Five Eyes (FVEY) is an alliance between five countries, the United States, United Kingdom, Australia, New Zealand, and Canada, with the aim of sharing and analyzing signals intelligence between the partner countries. While the relationship between the countries has been harmonious, recent developments show signs of increasing tension between the partners. This paper analyzes the cybersecurity policies of the countries and performs a baseline analysis to identify some of the principal factors contributing to the tensions.

The analysis identifies the similarities, as well as the differences between the countries in terms of collecting and analyzing intelligence data. With the advancements in information technology, there are increasing vulnerabilities in cyberspace, which has resulted in the establishment of varied initiatives to facilitate the capacity of the countries to respond to the related risks. The Global Cybersecurity Agenda established by the International Telecommunications Union (ITU) created the foundations for this and other similar cooperation.

Active cyber threat intelligence is essential to successful incident response and intrusion evaluation. The global cybersecurity environment is complex and requires all the FVEY partners to establish an understanding of the intersection between law and cyberspace. The legal contentions relate to how the partners can integrate the current regulations, which were developed in and for different situations. However, it is concluded that cybersecurity attack vectors are changing fast and that a quick response is needed.

Contents

Table of Contents

· Abstract
· Cyber Policy Matrix
· Transnational Legal Compliance Report
· International Standards Report
· Attribution Report
· Network Security Checklist
· System Security Risk Vulnerability Report
· Forensic Analysis Report
· Chain of Custody Form
· Environmental Review and Analysis

Tables and Figures

Background

This introduction should relate the background of the project, including a statement of the scenario and goals of the project. In one or two paragraphs, analyze the principles of warfare that lay the groundwork for cyber warfare theory and application.

Cyber Policy Report: The culmination of your policy research, this report should provide your CISO with an understanding of the managerial, technical, and regulatory positions of the FVEY nations attending the summit. The Cyber Policy Report comprises the following material developed by you and your teammates throughout the project.

CYBER Policy Matrix

FinalCyberPolicyMatrix (1).xlsx

Transnational Legal Compliance report

The Five Eyes (FVEY) is a coalition between five countries: the United States, United Kingdom, Australia, Canada, and New Zealand. The purpose of this alliance is to share and analyze signals intelligence between the countries. A huge amount of each nation's data is stored in databases, and in the wrong hands it can be used to manipulate or exploit specific groups or individuals (Talbott et al., 2018).

For an extended period, these five countries have worked together harmoniously, but of late they have been showing signs of stress with each other. Recorded cyber incidents have increased significantly over the years, revealing numerous privacy concerns. Every nation has developed its own approach to frameworks and strategies, but similarities and differences can still be found between them (Talbott et al., 2018).

The Tallinn Manual 2.0 is a thorough guide “created by international legal experts gathered by CCD COE and Michael N. Schmitt, a prominent global cyber expert” (Talbott-Jensen, E., 2018). It is not considered international law between the countries; it is more of a guide for assessing and resolving cyber issues that may come up during a summit.

Similarities

All the countries, United States, United Kingdom, Canada, and New Zealand, have a special agency to manage geospatial intelligence. Every country has an agency that analyzes gathered intelligence that is used across the government. New Zealand and Australia are remarkably similar in terms of parliamentary and independent oversight mechanisms for their intelligence agencies.

Australia, Canada, the United Kingdom, and New Zealand have ministries that are responsible for each country’s intelligence community; ultimately, the Prime Minister leads the national security system. In the United States, on the other hand, the President leads the effort on national security matters (Talbott et al., 2018).

Differences

Australia has a broad national assessment agency, with six bureaus that make up its defense community: geospatial, foreign, signals, and security intelligence. Canada has no specific agency that gathers foreign intelligence, nor a national law enforcement agency. The same is true of New Zealand. Only three agencies make up New Zealand’s intelligence community: Security, Signal Intelligence, and National Assessments (Barker et al., 2017).

The United Kingdom has “three core agencies responsible for security intelligence, foreign intelligence, and signals intelligence that form part of the broader ‘national intelligence machinery’, which includes Defense Intelligence and the Joint Intelligence Committee” (Barker et al., 2017). Seventeen entities compose the intelligence community of the United States. These cover signal, defense, drugs, security, financial, diplomatic, energy, and foreign intelligence.

Analysis and Conclusion

Cybersecurity training programs are offered by the United States, United Kingdom, and Australia. Procedures are vastly different between these countries. Both Australia and New Zealand have development programs that support the cyber workforce. Canada and Australia have similar guidelines on handling classified information and transfer processes, most of which are consistent with the Tallinn Manual 2.0.

Tension between the nations will never go away but can only be lessened. Every country has its own unique characteristics that call for a framework more suitable to its structure, history, and culture. Still, each country has managed to create checks and balances to ensure that the intelligence gathered is controlled without exploitation. Recent times have presented new predicaments that challenge the current rules and guidelines. The best plan of action is to evolve and find ways to improve standard practices while learning through experience from other countries (Barker et al., 2017).

International Standard Report

In the face of modern advancements in information technology, cyberspace and the technological platforms that enable it facilitate international cooperation amid globalization and internationalization. Although cooperation in cyberspace brings benefits in sharing information and intelligence, some companies can exploit vulnerabilities in the IT networks of other nations. To enhance cooperation in cyberspace, several initiatives have been put in place to protect players and enhance integrity, trust, and confidence in the cloud. The measures are intended to assure a free and protected flow of information and give countries the ability to respond to increasingly serious risks while at the same time enhancing risk-based approaches (Kiener, 2019).

Global Cybersecurity Agenda

The International Telecommunications Union (ITU) is a United Nations agency charged with the responsibility of ensuring that the international community works together towards a consensus on a wide range of issues that affect the ICT sector and hence international cooperation (Kiener, 2019).

The ITU came up with the Global Cybersecurity Agenda that is focused on strengthening international cooperation to foster confidence and security in the cyberspace. To achieve this, the Global Cybersecurity Agenda promotes key strategic pillars in the aspects of legal, technical, organizational, capacity-building, and cooperation needs (Kiener, 2019).

The Budapest Convention on Cybercrime

Another initiative, adopted by 66 countries, is the Budapest Convention on Cybercrime (PGA, 2022). The Budapest Convention on Cybercrime is a vital guideline for countries that are trying to draw up proactive, comprehensive national legislation against cybercrime. It is also a reliable framework for international cooperation between States that subscribe to the provisions of the convention. In response to the evolving cybersecurity environment, the First Additional Protocol, regarding the criminalization of acts of racism and xenophobia executed through computer systems, was established. In recognition of the urgent need to cover modern developments in cyberspace, it is imperative for a Second Additional Protocol to be adopted to support enhanced international cooperation with respect to sharing information, sharing secrets and intelligence, and enhancing the integrity of information in the cloud (Fromiti, 2018).

Another possible initiative for cooperation in international cyberspace is Mutual Legal Assistance (MLA), which supports the need of states to solicit and share information that can help in the advancement of justice (Fromiti, 2018). MLA also assists nations in sharing information that supports States in combating terrorism and, more importantly, cyberterrorism. The law is not modern enough to address the demands of the digital world, but the MLA still supports significant international cooperation. This initiative can be used to support the sharing of intelligence during the meeting (Fromiti, 2018).

Methods and Techniques:

Results:

This section is a presentation of the collected information and data analysis. Relevant tables and figures should be included. All deliverables within the project should be discussed.

Appendices

Security Baseline Report: This is a comprehensive analysis of networks, tools, threats, and vulnerabilities surrounding this event. The report comprises three reports: Attribution Report, Network Security Checklist, and System Security Risk Vulnerability Assessment Report.

The following materials are developed by you and your teammates throughout the project

Attribution Report

Active cyber threat intelligence is required for successful cyber incident response and intrusion investigations. It is critical to obtain correct information on threat actors and their methodologies and to communicate this knowledge to allies in order to properly remediate cyber-attacks and avoid future attacks. IP addresses are considered useful intelligence in any cyber security activity, and it is critical to collect as much information about them as possible. As the number and frequency of cyber-attacks have grown in recent years, the corporate sector and governments have spent heavily on obtaining and disseminating accurate and timely information on attackers (Lord, 2020).

A big cyber-attack might be considerably minimized or averted totally if this information is collected and disseminated in a timely way. The purpose of incident response teams is usually to identify accurate Indicators of Compromise (IOCs). Indicators of compromise (IOCs) are “pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.” Indicators of compromise aid information security and IT professionals in detecting data breaches, malware infections, or other threat activity. By monitoring for indicators of compromise, organizations can detect attacks and act quickly to prevent breaches from occurring or limit damages by stopping attacks in earlier stages (Lord, 2020). Examples of IOCs are unusual outbound network traffic, anomalies in privileged user account activity, HTML response sizes, unusual DNS requests, and signs of DDoS activity (Lord, 2020).

Incident responders and cyber security specialists commonly possess logs and other networking artifacts, including IP addresses and other pertinent information. It is critical to distinguish between malicious and non-malicious IP addresses. Logs and other digital evidence will contain both IP addresses linked with attackers and IP addresses associated with normal user activity within the known time of a cyber-attack or intrusion. For instance, if an attacker tries to connect to the victim network from a known malicious IP address, network perimeter equipment such as Intrusion Prevention Systems (IPS) could terminate the connection and block the malicious IP address from the network entirely, preventing further harmful actions from that address (Sikorski, 2012).

However, blocking a genuine IP address may severely affect the organization’s operations. As a result, it is critical not to block IP addresses randomly without first determining whether each IP address is harmful based on acceptance criteria (Sikorski, 2012).

IP addresses associated with threat actors could be considered malicious for different reasons. An attacker’s command-and-control servers are examples of IP addresses that should be identified and blocked. This information can be learned through a review of logs, the incident response of computers and servers, or malware reverse-engineering (Sikorski, 2012).
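The triage described above, as an added example that is not part of the original report: it parses constructed firewall log lines and applies acceptance criteria before recommending a block, so a known-good address is sent for review rather than blocked. The log format, address ranges, thresholds and function names are all assumptions made for this illustration.

```python
import ipaddress
from collections import defaultdict

# All addresses are constructed (RFC 5737 documentation ranges), not from the report.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
KNOWN_GOOD_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # assumed partner range
THREAT_INTEL = {ipaddress.ip_address("203.0.113.66")}         # assumed reported C2 server

# Assumed acceptance criteria; tune them to the monitored network's baseline.
DENY_THRESHOLD = 5                # denied connections involving one address
PORT_THRESHOLD = 4                # distinct destination ports touched
BYTES_OUT_THRESHOLD = 10_000_000  # bytes sent to one external address

SAMPLE_LOG = """\
2018-10-08T02:11:04Z src=10.0.0.5 dst=203.0.113.66 dport=443 action=allow bytes_out=48211900
2018-10-08T02:12:10Z src=192.0.2.14 dst=10.0.0.8 dport=22 action=deny bytes_out=0
2018-10-08T02:12:11Z src=192.0.2.14 dst=10.0.0.8 dport=23 action=deny bytes_out=0
2018-10-08T02:12:12Z src=192.0.2.14 dst=10.0.0.8 dport=445 action=deny bytes_out=0
2018-10-08T02:12:13Z src=192.0.2.14 dst=10.0.0.8 dport=3389 action=deny bytes_out=0
2018-10-08T02:12:14Z src=192.0.2.14 dst=10.0.0.8 dport=5900 action=deny bytes_out=0
2018-10-08T03:00:01Z src=198.51.100.20 dst=10.0.0.9 dport=443 action=deny bytes_out=0
2018-10-08T03:00:02Z src=198.51.100.20 dst=10.0.0.9 dport=443 action=deny bytes_out=0
2018-10-08T03:00:03Z src=198.51.100.20 dst=10.0.0.9 dport=443 action=deny bytes_out=0
2018-10-08T03:00:04Z src=198.51.100.20 dst=10.0.0.9 dport=443 action=deny bytes_out=0
2018-10-08T03:00:05Z src=198.51.100.20 dst=10.0.0.9 dport=443 action=deny bytes_out=0
2018-10-08T03:30:00Z src=192.0.2.77 dst=10.0.0.9 dport=443 action=allow bytes_out=5120
2018-10-08T04:00:00Z src=10.0.0.7 dst=192.0.2.90 dport=443 action=allow bytes_out=12000000
this line is truncated src=
"""


def parse_line(line):
    """Parse 'timestamp key=value ...' into a record; None if malformed."""
    parts = line.split()
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    try:
        return {
            "src": ipaddress.ip_address(fields["src"]),
            "dst": ipaddress.ip_address(fields["dst"]),
            "dport": int(fields["dport"]),
            "action": fields["action"],
            "bytes_out": int(fields.get("bytes_out", 0)),
        }
    except (KeyError, ValueError):
        return None


def collect_stats(log_text):
    """Aggregate per external address: denies, ports touched, bytes sent to it."""
    stats = defaultdict(lambda: {"denied": 0, "ports": set(), "bytes_out": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines instead of guessing at their content
        # The remote peer is whichever endpoint lies outside the internal network.
        remote = rec["dst"] if rec["src"] in INTERNAL_NET else rec["src"]
        if remote in INTERNAL_NET:
            continue  # internal-to-internal traffic is out of scope here
        entry = stats[remote]
        entry["ports"].add(rec["dport"])
        entry["bytes_out"] += rec["bytes_out"]
        if rec["action"] == "deny":
            entry["denied"] += 1
    return stats


def triage(log_text):
    """Return {ip: (verdict, reasons)} with verdict in block / review / allow."""
    verdicts = {}
    for ip, s in collect_stats(log_text).items():
        reasons = []
        if ip in THREAT_INTEL:
            reasons.append("listed in threat intelligence")
        if s["denied"] >= DENY_THRESHOLD:
            reasons.append("repeated denied connections")
        if len(s["ports"]) >= PORT_THRESHOLD:
            reasons.append("many destination ports probed")
        if s["bytes_out"] >= BYTES_OUT_THRESHOLD:
            reasons.append("unusual outbound traffic volume")
        if any(ip in net for net in KNOWN_GOOD_NETS):
            # Never auto-block a genuine address; a human decides.
            verdict = "review" if reasons else "allow"
        elif ip in THREAT_INTEL or len(reasons) >= 2:
            verdict = "block"
        elif reasons:
            verdict = "review"
        else:
            verdict = "allow"
        verdicts[str(ip)] = (verdict, reasons)
    return verdicts


if __name__ == "__main__":
    for addr, (verdict, why) in sorted(triage(SAMPLE_LOG).items()):
        print(f"{addr:15} {verdict:7} {'; '.join(why) or 'no criteria met'}")
```
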

By conducting static and behavioral analysis of malware, investigators can determine hard-coded IP addresses for command-and-control servers and other computers that are part of the attack, such as relays or proxies (Sikorski, 2012). For this project, Group 4 analyzed the provided IP addresses that had been associated with anomalous behavior (Sikorski, 2012). The group was provided with the following IP addresses:

| IP Address | Country |
|---|---|
| 7.26.42.136 | United States |
| 190.142.94.44 | Venezuela |
| 113.245.133.236 | China |
| 17.158.163.43 | United States |
| 82.196.6.46 | Netherlands |
| 207.88.46.144 | United States |
| 46.3.152.107 | Russia |
| 222.215.134.15 | China |
| 85.209.52.248 | Saudi Arabia |
| 174.73.217.102 | United States |
| 161.234.248.208 | United States |
| 16.106.9.38 | United States |
| 209.183.236.40 | United States |
| 203.96.22.39 | New Zealand (Aotearoa) |

Identifying what network functioning comprises is necessary to prepare for future risks and offer proper remedies for our networks. The team’s investigation findings showed that Venezuela, China, the Netherlands, Russia, Saudi Arabia, and New Zealand were identified as nations with suspicious activities. The countries all meet these requirements due to their disruptive attacks and cyber threats to intercept and capture data obtained from other countries to exploit it (Lord, 2020).

A bad actor is a person or agency acting maliciously to disrupt resources attributed to another organization, an individual, or a community. After analyzing the criteria for bad actors together, it was concluded that, because these nations are all bad actors, FVEY should proceed with the meticulous defense of infrastructure facilities and networks, particularly in New Zealand. In general, the FVEY countries will benefit from moving forward in a positive direction by having solutions on standby (Sikorski, 2012).

Network Security Checklist

Running a network security audit can be stressful, but it is not something you should skip if you want your company data to remain as safe as possible. To simplify, we’ve made a quick security and audit checklist to prevent cyber-attacks. It covers hardware and software and the different protocols configured on different devices (Knapp & Langhill, 2015).

Network infrastructure devices are components of a network that transport communications needed for data applications, services, and multimedia. These devices include routers, firewalls, switches, servers, load-balancers, intrusion detection systems, domain name systems, and storage area networks. These devices are ideal targets for malicious cyber actors because most or all organizational and customer traffic must pass through them. Two layers will also be covered. The first is the Network / Data Transit Layer, which covers any network-based devices and all the data transit requirements. The second, lower layer is the Host Network Layer, which covers the physical transmission of data (Knapp & Langhill, 2015).

Firewall

A firewall is a security system for computer networks. Firewalls monitor and control incoming and outgoing network traffic based on security rules set by you. In simple terms, a firewall is a filter between your internal network and an external network such as the internet. Here is the firewall-related checklist (Huang et al., 2020):

· You have a firewall in place to protect your internal network and external communication against unauthorized access.

· The password for your firewall device has been changed from the default to a strong password.

· Your default posture on all access lists, inbound as well as outbound, is “Deny ALL”.

· Every rule on the firewall is documented and approved by an authorized individual.

· Every alert is promptly logged and investigated.

· You use only secure routing protocols which use authentication.

· You promptly disable any permissive firewall rules that are no longer required.
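The checklist items about default posture, rule documentation, logging and stale permissive rules can be checked mechanically. The following audit is an added example, not code from the original report: the rule fields, the constructed rule set and the first-match-wins evaluation order are assumptions, not any vendor's export format.

```python
from datetime import date

TODAY = date(2022, 6, 1)  # constructed audit date

# Constructed, vendor-neutral rule set; all field names are assumptions.
RULES = [
    {"id": 10, "dir": "in", "action": "allow", "src": "any", "dst": "10.0.1.20",
     "port": "443", "ticket": "CHG-1001", "approved_by": "netsec-lead",
     "log": True, "review_by": date(2023, 1, 1)},
    {"id": 20, "dir": "in", "action": "allow", "src": "any", "dst": "any",
     "port": "any", "ticket": None, "approved_by": None,
     "log": False, "review_by": None},               # leftover "temporary" rule
    {"id": 30, "dir": "in", "action": "allow", "src": "198.51.100.0/24",
     "dst": "10.0.1.30", "port": "22", "ticket": "CHG-0907",
     "approved_by": "netsec-lead", "log": True,
     "review_by": date(2022, 3, 31)},                # review date has passed
    {"id": 99, "dir": "in", "action": "deny", "src": "any", "dst": "any",
     "port": "any", "ticket": "BASELINE", "approved_by": "netsec-lead",
     "log": True, "review_by": None},
    {"id": 110, "dir": "out", "action": "allow", "src": "10.0.0.0/8",
     "dst": "any", "port": "443", "ticket": "CHG-1002",
     "approved_by": "netsec-lead", "log": True, "review_by": date(2023, 1, 1)},
    # The outbound list has no final deny: its default posture is not "Deny ALL".
]


def is_any_any(rule):
    """True when the rule matches every source, destination and port."""
    return rule["src"] == rule["dst"] == rule["port"] == "any"


def audit(rules, today):
    """Return (rule id or direction, finding code) tuples for checklist violations."""
    findings = []
    for direction in ("in", "out"):
        chain = [r for r in rules if r["dir"] == direction]
        last = chain[-1] if chain else None
        if last is None or last["action"] != "deny" or not is_any_any(last):
            findings.append((direction, "NO_DEFAULT_DENY"))
        catch_all = None  # id of an earlier allow any/any rule, if one exists
        for rule in chain:
            if catch_all is not None:
                # Under first-match-wins, nothing after an allow any/any is
                # evaluated, so even a final "Deny ALL" is dead configuration.
                findings.append((rule["id"], "SHADOWED"))
            if rule["action"] != "allow":
                continue
            if is_any_any(rule):
                findings.append((rule["id"], "PERMISSIVE"))
                if catch_all is None:
                    catch_all = rule["id"]
            if not rule["ticket"] or not rule["approved_by"]:
                findings.append((rule["id"], "UNDOCUMENTED"))
            if not rule["log"]:
                findings.append((rule["id"], "NO_LOGGING"))
            if rule["review_by"] is not None and rule["review_by"] < today:
                findings.append((rule["id"], "STALE"))
    return findings


if __name__ == "__main__":
    for target, code in audit(RULES, TODAY):
        print(f"{target!s:>4}  {code}")
```

In the sample, the inbound list does end in a deny rule, yet the audit still reports it as shadowed: the undocumented allow any/any at rule 20 matches first, so the "Deny ALL" posture exists only on paper.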

Figure 1

How Firewalls Work

SwitchSecure Network Devices

A switch is one of the important devices in your network checklist. It is the network device that allows other devices on the network to communicate and share information. You will have PCs, SAN storage, servers, VoIP, and printers on the network, and the switch is used to tie these devices together. For small and medium-sized offices there are three types of network switches to choose from. These types are based on configuration options and are as follows (Huang et al., 2020).

Unmanaged Switch

An unmanaged switch is the most basic kind of switch. It is simple because you can use it out of the box; it does not need any configuration (Maiwald, 2001).

Managed switch

A managed switch gives you control over the operations of the switch. You can configure your switch to decide how your network consumes an internet connection. You can configure the switch via a CLI (Command Line Interface), SNMP (Simple Network Management Protocol), or a web interface (Maiwald, 2001).

Figure 2

WGSD-10020-Application

VLANs

A VLAN (virtual LAN) is a subnet which can group together a collection of devices on separate physical local area networks (LANs). A LAN can group together computers and devices that share a communications line or wireless link to a server within the same geographical area (Haq & Parveen, 2017).

Figure 3


Antivirus and anti-malware

Anti-malware and antivirus software protect you from viruses, trojans, ransomware, spyware, worms, or other unauthorized programs planted on the network. These can enter your system in various ways, through a corrupted file or link or even through other infected devices (Rafael et al., 2022).

Malware, which stands for malicious software, is designed by cyberattackers to infect your system for various reasons. Ransomware, for example, is designed to encrypt your files, so you get locked out and must pay a fee to access important business information. Other forms of cyberattack using malware may take over your network to use it in a DDoS attack or simply to do damage to your system (Rafael et al., 2022).

Data loss prevention

Data loss prevention software is designed to monitor your network for sensitive data that is being stored and transferred and, ultimately, protect it from leaks. Data loss prevention solutions play a bigger part if your company has a BYOD policy, employees who work remotely, or data stored in the cloud. If your network consists of various devices that need to be updated, including network devices like routers or work PCs, consider investing in patch management software (Huang et al., 2020).

Consistent software updates: Other than containing performance improvements, software updates are highly likely to contain fixes to known security vulnerabilities. Delaying these updates may cause you to miss those fixes, putting your data at risk and allowing cybercriminals to enter your system (Knapp & Langhill, 2015).

All about passwords

An estimated 81% of data breaches occur because of poor password security. Having a strong password prevents hackers from breaking into your system. When you first get a device or install software, make sure you change the default password to a strong one according to company policies. To keep everyone on the same page, make sure that they know what a strong password looks like: 15 or more characters with special characters included, plus two-factor authentication (Harrington, 2005).

Limit remote access and IT policies

A clear IT policy that reinforces network security is necessary to keep your employees accountable. A network security policy also serves as a reference, so that your security team and employees are on the same page about who has access to what and the kind of security measures they need to take to protect company data. This is even more important now that remote work and BYOD (Bring Your Own Device) policies are the norm for most organizations. The introduction of these policies can make your users more liberal with their data. Creating a strict policy that limits access to only what your employees need to do their job is a precaution you need to take to ensure the integrity and security of your data (Keuren, 2021).

Network / Data Transit Layer

IPSEC

IPSEC stands for IP Security; it is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data authentication, integrity, and confidentiality between two communication points across an IP network. It also defines the encrypted, decrypted, and authenticated packets (Liang, 2012).

TLS

Since people can use the internet freely, a certain level of protection is needed. VPNs are responsible for ensuring that your browsing is smooth, free of obstacles like hackers and government authorities. VPNs use a variety of security encryption protocols to protect your data from start to finish. One of the protocols used is Transport Layer Security (TLS). TLS is a cryptographic protocol that provides privacy and data integrity between two communicating applications. It was first introduced in 1999 as an upgrade to SSL version 3.0. The TLS 1.2 specification was defined in 2008, and today it is the most widely deployed security protocol (Maiwald, 2001).

Public Key Infrastructure

A PKI consists of the following:

· A certificate authority (CA)

· A registration authority (RA)

· A central directory

· A validation authority (VA)

· A certificate management system

· A certificate policy

Figure 4

What is Public Key Infrastructure | How Does PKI Work? | Security Wiki

IDS/IPS

An intrusion detection system (IDS) is a network security technology originally built for detecting vulnerability exploits against a target application or computer. There are four types of IDS that can protect your business (Ma et al., 2022).

· Network intrusion detection system

· Host-based intrusion detection system

· Perimeter intrusion detection system

· VM-based intrusion detection system

Types of Intrusion Detection System Methods

· Signature-based intrusion detection method

· Anomaly-based intrusion detection method

· Hybrid detection method

Top Intrusion Security System Tools

· SolarWinds Security Event Manager

· McAfee

· Suricata

· Blumira

· Cisco Stealthwatch

IPS

An intrusion prevention system (IPS) is placed inline, in the flow of network traffic between the source and destination, and usually sits just behind the firewall. There are several techniques that intrusion prevention systems use to identify threats (Ma et al., 2022).

· Signature-based: This method matches the activity to signatures of well-known threats. One drawback to this method is that it can only stop previously identified attacks and won’t be able to recognize new ones.

· Anomaly-based: This method monitors for abnormal behavior by comparing random samples of network activity against a baseline standard. It is more robust than signature-based monitoring, but it can sometimes produce false positives.

· Policy-based: This method is somewhat less common than signature-based or anomaly-based monitoring. It employs security policies defined by the enterprise and blocks activity that violates those policies. This requires an administrator to set up and configure security policies.
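To make the trade-offs between the three techniques concrete, the sketch below runs all of them over the same small set of events. It is an added example, not taken from the original report or from any IPS product: the signatures, baseline sizes, zone policy and events are constructed for the illustration.

```python
import re
from statistics import mean, pstdev

# Signature-based: patterns for previously identified attack traffic (constructed).
SIGNATURES = {
    "sql-injection": re.compile(r"union\s+select", re.IGNORECASE),
    "path-traversal": re.compile(r"\.\./\.\./"),
}

# Anomaly-based: request sizes observed during normal operation (constructed).
BASELINE_SIZES = [480, 510, 495, 520, 505, 490, 500, 515]
Z_LIMIT = 3.0  # assumed threshold: flag sizes over 3 standard deviations away

# Policy-based: ports the enterprise permits per zone (assumed policy).
POLICY_ALLOWED_PORTS = {"dmz-web": {80, 443}}

# Constructed events; "benign" is ground truth used only to score the result.
EVENTS = [
    {"id": "known-sqli", "zone": "dmz-web", "port": 443, "size": 512,
     "payload": "GET /item?id=1 UNION SELECT name FROM users", "benign": False},
    {"id": "novel-bulk-export", "zone": "dmz-web", "port": 443, "size": 250000,
     "payload": "POST /api/v2/export", "benign": False},
    {"id": "nightly-backup", "zone": "dmz-web", "port": 443, "size": 180000,
     "payload": "PUT /backup/archive.tar", "benign": True},
    {"id": "telnet-to-web", "zone": "dmz-web", "port": 23, "size": 498,
     "payload": "login:", "benign": False},
]


def signature_hits(event):
    """Names of known-threat signatures that match the payload."""
    return sorted(n for n, rx in SIGNATURES.items() if rx.search(event["payload"]))


def is_anomalous(event):
    """True when the request size deviates strongly from the baseline."""
    mu, sigma = mean(BASELINE_SIZES), pstdev(BASELINE_SIZES)
    return abs(event["size"] - mu) / sigma > Z_LIMIT


def violates_policy(event):
    """True when the destination port is not permitted for the event's zone."""
    return event["port"] not in POLICY_ALLOWED_PORTS.get(event["zone"], set())


def inspect_event(event):
    """Set of techniques that would stop this event."""
    fired = set()
    if signature_hits(event):
        fired.add("signature")
    if is_anomalous(event):
        fired.add("anomaly")
    if violates_policy(event):
        fired.add("policy")
    return fired


def false_positives(events):
    """Events that at least one technique flags although they are benign."""
    return [e["id"] for e in events if e["benign"] and inspect_event(e)]


def missed_by(technique, events):
    """Non-benign events that the given technique alone would let through."""
    return [e["id"] for e in events
            if not e["benign"] and technique not in inspect_event(e)]


if __name__ == "__main__":
    for ev in EVENTS:
        print(f"{ev['id']:18} {sorted(inspect_event(ev)) or 'passed'}")
    print("false positives:", false_positives(EVENTS))
    print("missed by signatures:", missed_by("signature", EVENTS))
```
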

Figure 5 IPS and IDS configuration (Ma et al., 2022)


System Security Risk Vulnerability

Authentication and credential attacks include the threat to the username, password, bank account information, social security number, and other coding keys (Abdalla, 2018). The different threats to authentication and credential are password or personal information attacks through social engineering techniques, such as phishing, credential stuffing, sniffing, guesswork, or man-in-the-middle attack (Abdalla, 2018).

Social engineering techniques involve illegitimate links presented with genuine-looking information. For example, users could be asked to provide their credentials (credit card information) to purchase online from a fake website, which results in adverse consequences. Moreover, social engineering uses messages or emails that redirect to malicious sites once the user clicks the relevant link. Smishing, phishing, or spoofing is the technique to access email from a trustworthy source by disrupting their system with a malware attack (Aldawood & Skinner, 2018).

PKI (Public Key Infrastructure) and digital signatures encrypt or protect data from being decoded by hackers (Danquah & Kwabena-Adade, 2020). Examples include SSL (Secure Sockets Layer) certificates and multifactor authentication. The cryptographic methods to complicate algorithms incorporate symmetric or asymmetric PKIs. Digital certificates incorporate both private and public keys to enhance security and privacy with end-to-end encryption (Abdalla, 2018).

Suppose John works in a high-risk environment and shares organizational information with various clients in a day. He organizes PKIs to send messages, but the clients influence private keys to maintain the confidentiality of the information. The private messages or data reduce the risk of intended threats or attacking the environment. Also, integrated approaches during digital collaboration require multifactor authentication by the business partners (Danquah & Kwabena-Adade, 2020).

Further, PKIs could be used to provide network accessibility, authentication of transactions, and preserving sensitive information by encouraging a mechanism of specific signature based on different initiatives when the transactions could not be processed by acknowledging the valid user (Danquah & Kwabena-Adade, 2020). For instance, people receive OTP (One-Time Password) to the relevant mobile number to ensure the safety of ATM transactions.

Leapfrogging across networks is the rapid adoption of technologies by middle or low-income nations to promote opportunistic advantages (Woon, 2020). When hackers steal sensitive information in the initial stages, the process is known as a leapfrogging attack. Also, leapfrogging in multiple networks means changing traditional strategies with the trends in every place that could result in economic vulnerabilities, technological threats (low skilled users and policymakers), and opportunities for hackers to disrupt the integrated infrastructure (Woon, 2020).

Leapfrogging occurs when nations bypass traditional stages of development to either jump directly to the latest technologies (stage-skipping) or explore an alternative path of technological development involving emerging technologies with new benefits and new opportunities (path-creating). This leapfrogging of PC-based internet access has been hailed in many quarters as an important means of rapidly and inexpensively reducing the gap in internet access between developed and developing nations, thereby reducing the need for policy interventions to address this persistent digital divide (Woon, 2020).

Vertical and Horizontal Privilege Escalation

Cybersecurity is divided into five phases, where escalation is the fourth stage before the potential mission. During escalation, the hackers accomplish targeted information and data to corrupt the channels, systems, and mail servers with ransomware activities. We have identified the social engineering threats (phishing or spoofing).

First, we would report it to the anti-phishing department, disconnect the device from the channels to prevent identity theft, change the password, and provide the information to the stakeholders to reduce the significance of cybercrime (Aldawood & Skinner, 2018). The countermeasures against social engineering threats are spam filters, multifactor authentication, and updated versions of software for automated scans against viruses (Abdalla, 2018). Also, VPNs (Virtual Private Networks) provide a secured environment between the users and communication channels through encryption (Osawa, 2017).

In the escalation phase of a cyberattack, the attacker seeks to identify and gain the level of privilege necessary to achieve their objectives; they already have control over the access channels and credentials acquired in the previous phases. Escalation attacks can be separated into two broad categories: horizontal privilege escalation and vertical privilege escalation. The two terms are often confused with each other and differ as follows (Osawa, 2017).

Horizontal privilege escalation involves gaining access to the rights of another account, human or machine, with similar privileges. This action is referred to as account takeover. Typically, this would involve lower-level accounts (i.e., standard users), which may lack proper protection. With each new horizontal account compromised, an attacker broadens their sphere of access with similar privileges (Osawa, 2017).

Vertical privilege escalation, also known as a privilege elevation attack, involves an increase of privileges or privileged access beyond what a user, application, or other asset already has. This entails moving from a low level of privileged access to a higher level of privileged access. Achieving vertical privilege escalation could require the attacker to perform a number of intermediary steps (Osawa, 2017).

Forensic Analysis Report: The culmination of your investigative efforts, this report will document the eDiscovery process, your findings, and how they are connected to the countries involved. The Forensic Analysis Report comprises the following materials developed by you and your teammates throughout the project:

Figure 6 Chain of Custody Form

Case Number: 2346238934 Offense: Cyber Attack

Submitting Officer: (Name/ID#) Joe Friday

Victim: New Zealand

Suspect: Anonymous

Date/Time Seized: Oct 08 2018 Location of Seizure: New Zealand

Description of Evidence

| Item # | Quantity | Description of Item (Model, Serial #, Condition, Marks, Scratches) |
|---|---|---|
| 100 | 1 | USB flash drive, serial No.2992387, SanDisk |
| 101 | 1 | Laptop Packard -serial number |
| 102 | 1 | IMAC Tablet |
| 103 | 1 | Computer |
| 104 | 1 | External Hard Drive |
| 105 | 1 | Apple Iphone1 , Model #ZB3234L,Serial Number 7B1A8NVP.136GB |

Chain of Custody

| Item # | Date/Time | Released by (Signature & ID#) | Received by (Signature & ID#) | Comments/Location |
|---|---|---|---|---|
| 1 | 10/08/2018 | Joe Friday | Five Eyes Alliance | New Zealand central forensic Library |

EVIDENCE CHAIN-OF-CUSTODY TRACKING FORM (Continued)

Chain of Custody

| Item # | Date/Time | Released by (Signature & ID#) | Received by (Signature & ID#) | Comments/Location |
|---|---|---|---|---|

Final Disposal Authority

Authorization for Disposal

Item(s) #: ___5___ on this document pertaining to (suspect): ___Roger Stone___ is(are) no longer needed as evidence and is/are authorized for disposal by (check appropriate disposal method): ☐ Return to Owner X☐ Auction/Destroy/Divert

Name & ID# of Authorizing Officer: ___1234___ Signature: ___Joe Friday___ Date: ___4272022___

Witness to Destruction of Evidence

Item(s) #: __________ on this document were destroyed by Evidence Custodian ___________________________ID#:______in my presence on (date) __________________________.

Name & ID# of Witness to destruction: ________________________ Signature: _______________________Date: ___________

Release to Lawful Owner

Item(s) #: __________ on this document was/were released by Evidence Custodian ________________________ ID#: _________ to

Name: ______________________________________________

Address: ________________________________________________ City: ____________________ State: _______ Zip Code: ______

Telephone Number: (_____) ___________________________________

Under penalty of law, I certify that I am the lawful owner of the above item(s).

Signature: _______________________________________________________ Date: __________________________

Copy of Government-issued photo identification is attached. ☐ Yes ☐ No

This Evidence Chain-of-Custody form is to be retained as a permanent record by the Anywhere Police Department.

ENVIRONMENT REVIEW AND ANALYSIS

The Global Economic Summit’s international environment is a complicated aggregation of numerous security methods, understandings, and regulations that need a full explanation. Each of the Five Eyes countries has an individual and collective interest in keeping all assets and information secure. However, each country’s approach will be slightly different. A complete understanding of the environment can only be obtained by acknowledging the junction between international law and cyberspace.

The main point of contention regarding the legal issues of offensive and defensive cyber warfare is how it interacts with current regulations developed in quite different situations. To put it another way, “how do we apply old laws of war to new cyber-circumstances, staying faithful to enduring principles, while accounting for changing times and technologies?” (Koh, 2012).

The challenge of reassessing international interactions in an increasingly cyber-enabled world presents a once-in-a-lifetime opportunity to assess existing guidance and determine whether it should continue to govern international relationships or be replaced to reflect modern challenges more directly. “At least one country has questioned whether existing bodies of international law apply to the cutting-edge issues presented by the internet. Some have also said that existing international law is not up to the task, and that we need entirely new treaties to impose a unique set of rules on cyberspace. But the United States has made clear our view that established principles of international law do apply in cyberspace” (Koh, 2012).

New Zealand forensic law includes the business of providing accurate, timely, and thorough information to all levels of decision-makers in the criminal justice system. Increasing disruptive activities by cyber threat actors prompted New Zealand’s second Cyber Security Strategy, Action Plan, and National Plan to address cybercrime in November 2015. “New Zealand’s Cyber Security Strategy 2015 has four goals: Cyber Resilience, Cyber Capability, Addressing Cybercrime and International Cooperation” (Connect Smart, 2015).

Cybersecurity attack vectors are changing at a quick pace. As cybersecurity professionals discover how to neutralize a single sort of attack vector, fraudsters switch up the attack vectors they use to make specialists comfortable. Cybercriminals shifted to utilizing Trojans to steal data as New Zealand tightened security technology and processes to resist malware while adware surged in volume.

Most of these attacks rely on social engineering techniques or low-tech delivery payloads accessed through the Dark Web. New Zealand’s national infrastructure depends upon cyberspace, which means that preventing unwanted access by securing its networks, systems, programs, and data from attack is vital. New Zealand’s geographical isolation does not protect it from criminal hostility and offensive intention in cyberspace (New Zealand Foreign Affairs & Trade, n.d). Cyber threats facing the country are:

· Cyber espionage and intellectual property theft for political, economic, and commercial advantage.

· Cyber terrorism or state-sponsored offensive action, like the disruption of services or damage to New Zealand critical infrastructure systems.

· Cybercrime and cyber-enabled crime, like scams involving online trading, dating sites, and fake investments, or personal financial or identity data theft.

· Cyber vandalism or issue-motivated “hacktivism,” such as websites being defaced, or their services interrupted for political purposes.

New Zealand engages internationally in cyberspace because of its trans-boundary nature. The focus is on detecting problems, building understanding and awareness, developing norms and “rule of the road,” and identifying supportive measures. Discussing cybersecurity with the United Nations, in regional forums, and at multi-stakeholder discussions like the Internet Governance Forum, and sharing threat information and best practices with international partners, is also vital, as it helps New Zealand assess cyber threats and put in place systems to address them (New Zealand Foreign Affairs & Trade, n.d).

Conclusion

In practice, a digital forensic environment review and analysis involves a thorough forensic analysis of the laws and regulations of the international community. One needs to assess procedures for the acquisition, preservation, analysis, and transfer of data at rest or in transfer. With improvements in information technology and the evolving cyberspace, the threat environment continues to become highly sophisticated, with hackers acquiring and fine-tuning their attack techniques. Globally, cyberattacks are increasing rapidly (Kshetri, 2016).

Massive data breaches are occurring with alarming frequency (Kshetri, 2016). Today, there is an eminent skills gap, which serves as a significant challenge for law enforcement agencies, forensics teams, and prosecutors in international relations and cross-border enforcement. When conducting an environmental analysis, it is important to consider the regulatory and legal aspects of securing the upcoming Global Economic Summit from inevitable cyber-related threats (Kshetri, 2016).

There are globally agreed cybersecurity norms. However, nations should have robust cybersecurity mechanisms in the event that one nation decides to contravene the norms. The defensive posture of nations should include measures to secure their communications and IT infrastructure from cyberattacks. The ever-expanding risk of cybercrime has become a threat not only to national security but also to the economy. If breached, our cell phones, pipelines, electric grid, and servers can be exploited by hackers and criminals. It is important to define measures to create accountability when a hostile state chooses to ignore globally agreed norms (Kshetri, 2016).

References

Abdalla, I. (2018). Social Engineering Threat and Defense: A Literature Survey. Journal of Information Security, 9, 257-264. https://doi.org/10.4236/jis.2018.94018

Aldawood, H. and Skinner, G. (2018). Contemporary Cyber Security Social Engineering Solutions, Measures, Policies, Tools and Applications: A Critical Appraisal. 26th International Conference on Systems Engineering, Sydney, 8-20 December, 1-6.

Andy Jones, & Debi Ashenden. (2005). Risk Management for Computer Security : Protecting Your Network and Information Assets. Butterworth-Heinemann.

Barker, C., Dawson, J., Godec, S., Petrie, C., Porteous, H., & Purser, P. (2017). Oversight of Intelligence Agencies: A comparison of the ‘Five Eyes’ Nations. Parliament of Canada. https://lop.parl.ca/sites/PublicWebsite/default/en_CA/ResearchPublications/22035249

Connect Smart. (2015, December). National Plan to Address Cybercrime 2015 (PDF). Retrieved from https://www.connectsmart.govt.nz/assets/Uploads/nz-cyber-security-cybercrimeplan-december-2015.pdf

Danquah, P., and Kwabena-Adade, H. (2020). Public Key Infrastructure: An Enhanced Validation Framework. Journal of Information Security, 11, 241-260. doi: 10.4236/jis.2020.114016.

Eric D. Knapp, & Joel Langill. (2015). Industrial Network Security : Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems: Vol. Second edition. Syngress.

Haojun Huang, Lizhe Wang, Yulei Wu, & Kim-Kwang Raymond Choo. (2020). Blockchains for Network Security : Principles, Technologies and Applications. The Institution of Engineering and Technology.

Jan L. Harrington. (2005). Network Security : A Practical Approach. Morgan Kaufmann.

John R. Vacca. (2014). Cyber Security and IT Infrastructure Protection. Syngress.

Klare, M. T. (2019). Cyber Battles, Nuclear Outcomes? Dangerous New Pathways To Escalation. Arms Control Today, 49(9), 6–13.

Koh, H. H. (2012, September 18). International Law in Cyberspace. Retrieved from www.state.gov: https://2009-2017.state.gov/s/l/releases/remarks/197924.htm

Liang, G. (2012). Network Protocols. Nova Science Publishers, Inc.

Lord, N. (2020, December 1). A DEFINITION OF INDICATORS OF COMPROMISE. Retrieved from digitalguardian.com: https://digitalguardian.com/blog/what-are-indicators-compromise

Maiwald, E. (2001). Network Security : A Beginner’s Guide. McGraw-Hill Professional.

Ma, Z., Li, J., Song, Y., Wu, X., & Chen, C. (2022). Network Intrusion Detection Method Based on FCWGAN and BiLSTM. Computational Intelligence & Neuroscience, 1–17. https://doi-org.ezproxy.umgc.edu/10.1155/2022/6591140

Musa, S. M. (2018). Network Security and Cryptography. Mercury Learning & Information.

New Zealand Foreign Affairs & Trade. (n.d). Cyberspace is Essential to New Zealand’s Economic Growth, Productivity and Security. Retrieved from https://www.mfat.govt.nz/en/peace-rights-and-security/international-security/cybersecurity-issues/

NIST. (2013, April 12). The Biological Evidence Preservation Handbook: Best Practices for Evidence Handlers. Retrieved from www.nist.gov: https://www.nist.gov/system/files/documents/forensics/NIST-IR-7928.pdf

Osawa, J. (2017). The Escalation of State Sponsored Cyberattack and National Cyber Security Affairs: Is Strategic Cyber Deterrence the Key to Solving the Problem? Asia-Pacific Review, 24(2), 113–131. https://doi-org.ezproxy.umgc.edu/10.1080/13439006.2017.1406703

Sikorski, M. (2012, Feb 01). Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software.

Susan Snedaker. (2014). Business Continuity and Disaster Recovery Planning for IT Professionals: Vol. 2nd ed. Syngress.

Talbott-Jensen, E. (2018). The Tallinn Manual 2.0: Highlights and Insights. https://www.law.georgetown.edu/international-law-journal/wp-content/uploads/sites/21/2018/05/48-3-The-Tallinn-Manual-2.0.pdf

UlHaq, S. E., & Parveen, S. (2017). Implementation of Network Architecture, Its Security and Performance Analysis of Vlan. International Journal of Advanced Research in Computer Science, 8(7), 555–560. https://doi-org.ezproxy.umgc.edu/10.26483/ijarcs.v8i7.3247

Verma, P. (2015). Wireshark Network Security. Packt Publishing.

Woon, F. (2020). Technology Leapfrogging: A Pathway to Sustainable Development. https://www.melbournemicrofinance.com/new-blog/2020/15/9/technology-leapfrogging
