The Crypto Academy: Threat Scenario Analysis

Exploiting Hidden Malware in Foreign Manufactured US Computer Components

Foreign manufacturers (OEM) have implanted silent malware in computer components sold to the US. This malware may be activated en masse should hostilities commence between the US and the attacking country, leading to virtual paralysis, or at least a very serious damage, depending how prevalent this malware.

.

The above threat scenario needs to be professionally analyzed, appraised, and if credible -- confronted. Should you wish to challenge yourself, fill in your take on it, and click-send it to Prof. Gideon.

If you are registered with any educational framework with the Crypto Academy, your input will be properly evaluated. But anyone is invited to respond and 'take a shot' at any threat scenario. If you leave contact information, and your analysis impresses a security official, you may be contacted for further activity. However, you may also respond using an anonymous identification tag.

You may consult relevant experts, and quote them as you see fit. You can also quote a source unwilling to be named, if you certify that the source is knowledgeable. However the analysis as a whole should be under your name.

Don't force it! If you are unable to provide a sensible answer to any analytic question below, simply say so, rather than pick an answer from thin air.

Don't forget to click the "send" button when done...

[HOME]

Fill in if Applicable: This Threat may materialize in distinct options. This response regards option number characterized here:



Part A: Threat Appraisal


How Credible the Threat?

Within the next three years, what is the chance for this threat scenario to happen?

It's inevitable that this threat will materialize.
This threat is very credible, and highly likely.
The chance for this threat to happen is considerably greater than its chance not to happen.
This threat is slightly more likely to happen than not to happen.
This threat is slightly more likely not to happen than to happen
The chance for this threat not to happen is considerably greater than its chance to happen.
This threat is far-fetched, and highly unlikely.
This threat is of negligible chance to happen.

Provide support arguments for your selection above:




Appraise the Impact of the Threat

Evaluate the prospective damage, should the threat materialize in full.


Catastrophic -- survival threat
Devastating - a Fundamental Systemic Shock
Serious, Requires major Re-Adjustment
Tactical, limited damage, no systemic shock
Negligible

Provide support arguments for your selection above:



Threat Characterization:

Who are the prospective perpetrators of the threat?
Appraise the Committed Resources and the Motivation to carry out the Threat
Appraise the Strategy, Methods, and Tools that will be used by the perpetrators:



Part B: Monitoring the Threat


How do you propose to monitor the danger from this threat as it evolves over time?



Part C: Meeting the Threat


Any proposals to effectively deter the prospective perpetrators from carrying out the threat?

Any proposals to effectively lure and entrap the prospective perpetrators so that they expose themselves, and get caught before they harm us?

Any proposals to effectively prevent the threat from materializing?

Any proposals to effectively intercept the threat as it comes about?

Any proposals to effectively limit the damage once the threat materializes and is detected?

Any proposals to effectively recover from the damage afflicted by the threat that defeated our defenses?

Resources to carry out this Security Strategy: Funds, Talent, and Time needed to carry out all the proposals above.
Organizational Alliance: List any Cyber Security Organizations you would wish to collaborate with, and explain the joint strategy.




Part D: Appraisal of the Impact of the Proposed Security Measures


Appraise below the likelihood of the threat to happen and its associated damage, given that all the here proposed security measures are put in place.


It's inevitable that this threat will materialize (despite our deployed defense)
This threat is still very credible, and highly likely.
The chance for this threat to happen is still considerably greater than its chance not to happen.
This threat is now slightly more likely to happen than not to happen.
This threat is now slightly more likely not to happen than to happen
The chance for this threat not to happen is now considerably greater than its chance to happen.
This threat is far-fetched, and highly unlikely.
This threat is of negligible chance to happen.

Provide support arguments for your selection above:




Appraise the Impact (damage) from the carried out threat should it happen while all the proposed security measures are in place.


Catastrophic -- survival threat
Devastating - a Fundamental Systemic Shock
Serious, Requires major Re-Adjustment
Tactical, limited damage, no systemic shock
Negligible

Provide support arguments for your selection above:




Enter here any relevant matter for which there was no fitting rubric above:




Reference


List here the references that support your claims in this form:



Identification:
  • First Name:
  • Last Name:
  • eMail:
  • Additional Contact Information:
  • Instructions:

    Answer the posted questions to the best of your ability. Take your time, don't rush. Make sure you catch all the subtleties! Don't forget to fill in your identification and please don't neglect to click the 'send' button below.

    Who am I?


    I am registered to a Class Express Cyber Security workshop
    I am a UMUC student
    I am a Case Western Reserve Student
    I am a new participant wish to explore this opportunity



    Exposure


    I wish this analysis is exposed only to its assigned evaluator
    I agree to share my analysis with cohorts
    I agree to share my analysis with various others while I remain anonymous.
    I agree to share my analysis with various others, but I don't wish to be contacted about it.
    I agree to share my analysis with various others, and I am ready to seriously elaborate on it.


    I hereby declare that this Cyber Threat Analysis reflects my personal opinion, and while I may have used input from other sources, which are clearly identified herein, the work as a whole is my own, and I am prepared to defend its statements.

    I so declare. I don't make the above declaration


    Version: TA-H5714 * [HOME]