Levii Dino Delgado case study response
Introduction
Businesses suffer from cyber threats that affect their normal operations. Enterprises need elaborate strategies for identifying and mitigating such risks once they occur so that business processes are not interrupted and the entity does not suffer financial losses (Gunes et al., 2021). Individuals who execute the attacks aim to steal information, damage the entity’s systems, and disrupt business operations. Cyber-attacks evolve over time, necessitating new techniques to deal with the challenges and mitigate their impact once they occur within a business. Levii Delgado, a Henrietta Johnson Medical Center employee, involved himself in cyber-attacks when he compromised the entity’s system to continue gaining access to it, affecting the entity’s operations. This paper explains the techniques he used to gain access and the strategies businesses can employ to mitigate and deal with such occurrences.
Case Summary
The case study explains the actions of Levii, a system administrator of a medical center who gained access to the business and interrupted its normal operations. Delgado, a former employee of Henrietta Medical facility, exploited the available vulnerabilities to gain access to the business data and corrupt essential systems in order to affect the business’s normal operations (CDSE, 2021). Levii accessed the business data through his personal computer, which he connected with the entity system using virtual private data. Delgado continued accessing the business system using another administrator account without the consent of the business management. His malicious actions made it difficult for the organization’s employees to access the system, and so made it difficult for the entity to provide services to its patients. Delgado’s actions did not tamper with patients’ information, making it easier for employees to offer crucial services. Levii later pleaded guilty to cyber-attacks and was fined and confined at home for the malicious actions that affected the operations of his former employer. Delgado’s actions affected the medical center’s reputation and also led to financial losses, as the business failed to provide services to its clients as a result.
Tactics, techniques, and procedures Delgado used to gain access to the system
Businesses can use the MITRE ATT&CK Matrix to analyze attackers’ strategies to gain access to other entities’ systems with vital information. Organizations that embrace and use the matrix can effectively detect and defend themselves against malicious entities interested in stealing crucial data from their systems (Petrenko, 2022). Businesses that embrace the approach can also effectively deal with evolving risks as it provides information on changes in the cyber security sector. Enterprises prefer using the matrix as it aids in threat hunting, identifying security gaps, and providing a common language used by cyber security experts when dealing with various risks that affect the operations of businesses. The approach can effectively identify all the tactics, techniques, and procedures Levii embraced when executing his attack on the medical facility.
To gain initial access, Delgado tried the spearphishing technique, which involves phishing emails that entice employees to open malicious messages. He would access the business systems once the employees accepted the malicious emails (Gunes et al., 2021). In the execution stage, he used a script to automate certain tasks. To remain persistent in his effort to access the business system, Delgado created new services on the employees’ computers to allow him more time to access the system. Levii knew that more time would help him identify weaknesses, allowing easier access to the system to tamper with business operations. He also used the privilege escalation tactic to bypass the controls the firm had in place for dealing with attacks. Delgado used file decoding to evade the defense protocols that the business had in place for identifying and dealing with malicious entities who tried to gain access to the business systems.
Mitigation techniques
An organization needs strategies to help the business deal with cybersecurity issues affecting its operations. The firm’s cyber security team can use these techniques to identify, mitigate, and protect the business from data loss (CDSE, 2021). An enterprise needs a strong system for filtering emails to deal with all suspicious attachments that entities can use to try to gain access to the system. The business can also patch its systems regularly to deal with the vulnerabilities that malicious entities might use to attack the enterprise. Besides, the organization needs regular training to impart the relevant skills to its employees and teach them what they should do when dealing with such issues. Enterprises need elaborate backup systems to help businesses retrieve information lost after a malicious attack.
Organizations affected by cyber security
Organizations have suffered from different cyber security vulnerabilities that malicious entities exploit to steal valuable data. Businesses have suffered financial losses and reputational damage affecting their operations (Lee, 2021). For instance, Capital One Company recently experienced a cyber-attack directed at its system to steal valuable customer data. The attack was executed by an individual who had previously worked for Amazon and who took advantage of a misconfigured firewall.
Conclusion
Organizations need an elaborate strategy for dealing with cyber-attacks, as the tactics used in executing them keep changing as attackers adopt new approaches. Businesses need to embrace the MITRE ATT&CK Matrix to identify and mitigate the vulnerabilities attackers can use to access the system. The firm must also have clear tactics for identifying and mitigating risks once they occur to ensure that the attacks do not compromise business operations.
References
CDSE. (2021). Case study: Levii Dino Delgado. Center for Development of Security Excellence. https://www.cdse.edu/Portals/124/Documents/casestudies/case-study-delgado.pdf
Gunes, B., Kayisoglu, G., & Bolat, P. (2021). Cyber security risk assessment for seaports: A case study of a container port. Computers & Security, 103, 102196.
Lee, I. (2021). Cybersecurity: Risk management framework and investment cost analysis. Business Horizons, 64(5), 659-671.
Petrenko, S. (2022). Cyber security innovation for the digital economy: A case study of the Russian Federation. River Publishers.