(a)
i) Critical National Infrastructure (CNI) comprises the national assets that are essential for the functioning of society, such as those associated with energy supply, water supply, transportation, health, and telecommunications. CNI systems comprise monolithic networks that are increasingly interconnected with other devices and networks for greater productivity and remote monitoring.
Consider the devices in the scenario and clearly identify two key vulnerabilities for CNI. (You should use an example of a recent CNI attack within your explanation).
[5 marks]
ii) APTs are typically attributed to state-sponsored organisations, with some attacks likely originating from criminal enterprises as well. Define the acronym "APT" and explain how APTs differ from other types of cyber-attack.
[5 marks]
iii) The MITRE ATT&CK framework is used to mitigate and detect APT techniques. For a scenario where the adversary is trying to gather information they can use to plan future operations ('Reconnaissance'), name and describe three techniques used by adversaries to scope and plan their compromise.
[9 marks]
(b)
i) Ransomware has evolved heavily over the past few years to include several new network exploits, including a modified polymorphic front end and zero-day worm propagation techniques. Identify and explain two configurations for defending networks against ransomware exploits.
[4 marks]
ii) What is meant by 'network resilience', and why is it important?
[2 marks]