CJST 4524/6604 A Question of National Security Investigation Fall 2015
Your investigation team has been called by McNorton-Dunham, a defense contractor working on the next generation of predator drones for the U.S. Department of Defense. On Friday, October 30, 2015, the whistle-blowing web site, Wikileaks, published several classified documents detailing communication between McNorton-Dunham and officials at the Pentagon regarding the X11-a5, the newest generation of predator drones that McNorton-Dunham is currently testing. Following the release of the documents, McNorton-Dunham’s computer network came under a DDOS attack that is still continuing today. Messages on Twitter and videos on Youtube have been found showing the hacktivist group, Anonymous, taking credit for the continuing attack. Because of the threat to national security posed by the release of confidential communications, McNorton-Dunham and officials at the Pentagon wants all parties involved prosecuted to the furthest extent possible.
Officials at McNorton-Dunham believe that the leaked documents were the work of an insider. All of the employees who had legitimate access to the leaked documents have been polygraphed and have been found to have no knowledge of the leak. General policy for the company is that all employees must swipe a key card to gain entrance to McNorton-Dunham. All personal items; purses, lunch bags, backpacks and briefcases; are inspected by security personnel upon entrance and exit from the company. All employees use an RSA token and password to be authenticated on the McNorton-Dunhamcomputer network. The company maintains a number of closed-circuit surveillance cameras throughout the physical plant including all of the points of entrance/exit as well as at entrances to classified areas.
While McNorton-Dunham has only one physically computer-based network, access to data is strictly controlled using a RBAC system. All of the computers at McNorton-Dunham contain no drives that would allow an employee to use any type of removable storage device (USB) or optical disc (CD, DVD). Wi-Fi is not used at McNorton-Dunham. The network administrators have firewalls at several locations throughout the companies network and employ the use of an intrusion detection system. The IDS logs prior to Friday do not indicate any type of intrusion prior to the current DDoS attack. All incoming traffic passes through an application gateway proxy firewall and outgoing traffic is logged via a circuit-level proxy firewall.
The human resources department at McNorton-Dunham is responsible for all background checks done for all employees at the company. They have developed a short list of employees who have either filed grievances in the past year, or who have had other events occur that could indicate a possible security problem. They have identified the following employees as the potential leaker. None of the employees had direct access to the communications that were leaked.
• Linda Blair –38-year-old administrative assistant, employed by McNorton-Dunham for the past 15 years. Linda was reprimanded for the use of an intoxicant while on the job. She attended a 15-day rehab program and has been back at work for the past 5 weeks with no indication of further intoxicant use on the job.
• Marty Feldman –45-year-old flight specialist, employed by McNorton-Dunham for the past 20 years. Marty has a long record of insubordination to female supervisors. The most recent incident occurred three months prior to document leak when criticism from a female superior led to Marty using derogatory language toward the woman. He was suspended without pay for three days and was demoted one pay level.
• Katherine Hutton –26-year-old accounts payable clerk, employed by McNorton-Dunham for the past year. Katherine has a spotty attendance record and has received several verbal warnings due to her poor attendance. Human Resources reports that several of Katherine’s co-workers have heard her discussing trips to the local gambling casino prior to many of her absences. Katherine is also rumored to be involved with her immediate supervisor, James Douglass.
• James Douglass – 32-year-oldaccountant, employed by McNorton-Dunham for the past eight years. While Douglass’s employment record is spotless, Human Resources has added Mr. Douglass to the list because of his reported involvement with Ms. Hutton. At this time, Mr. Douglass is married and father to two small children. Several coworkers reported that Mr. Douglass and Ms. Hutton have been spotted leaving the parking lot together in the same vehicle at lunchtime and the two have been spotted together at a local bar after work.
Your investigated team must try to determine several things for McNorton-Dunham:
1) Can charges be brought against Wikileaks (Look at past history of the web site)
2) Can the current DDoS attack against Anonymous be proven How would you gather the evidence If so, can charges be brought (Has Anonymous been charged in the past If so, what has been the outcome )
3) What information do you need to determine which on of the insiders should be questioned about the leak (Log files, surveillance videos, building entrance logs, etc.) Requested log files will be made available following next week’s class.
4) How could the information have been exfiltrated from the company
5) If the leak can be traced to one McNorton-Dunham’s employees, what charges could they face
6) Use the log files provided to create a timeline and recreate the crime. Make sure you record all of the evidence against the employee or employees involved so that the prosecutor can bring charges. You will need to examine all of the log files given to you to gather your evidence. (Hint: what is port number 5222 used for )
Our Service Charter
Excellent Quality / 100% Plagiarism-FreeWe employ a number of measures to ensure top quality essays. The papers go through a system of quality control prior to delivery. We run plagiarism checks on each paper to ensure that they will be 100% plagiarism-free. So, only clean copies hit customers’ emails. We also never resell the papers completed by our writers. So, once it is checked using a plagiarism checker, the paper will be unique. Speaking of the academic writing standards, we will stick to the assignment brief given by the customer and assign the perfect writer. By saying “the perfect writer” we mean the one having an academic degree in the customer’s study field and positive feedback from other customers.
Free RevisionsWe keep the quality bar of all papers high. But in case you need some extra brilliance to the paper, here’s what to do. First of all, you can choose a top writer. It means that we will assign an expert with a degree in your subject. And secondly, you can rely on our editing services. Our editors will revise your papers, checking whether or not they comply with high standards of academic writing. In addition, editing entails adjusting content if it’s off the topic, adding more sources, refining the language style, and making sure the referencing style is followed.
Confidentiality / 100% No DisclosureWe make sure that clients’ personal data remains confidential and is not exploited for any purposes beyond those related to our services. We only ask you to provide us with the information that is required to produce the paper according to your writing needs. Please note that the payment info is protected as well. Feel free to refer to the support team for more information about our payment methods. The fact that you used our service is kept secret due to the advanced security standards. So, you can be sure that no one will find out that you got a paper from our writing service.
Money Back GuaranteeIf the writer doesn’t address all the questions on your assignment brief or the delivered paper appears to be off the topic, you can ask for a refund. Or, if it is applicable, you can opt in for free revision within 14-30 days, depending on your paper’s length. The revision or refund request should be sent within 14 days after delivery. The customer gets 100% money-back in case they haven't downloaded the paper. All approved refunds will be returned to the customer’s credit card or Bonus Balance in a form of store credit. Take a note that we will send an extra compensation if the customers goes with a store credit.
24/7 Customer SupportWe have a support team working 24/7 ready to give your issue concerning the order their immediate attention. If you have any questions about the ordering process, communication with the writer, payment options, feel free to join live chat. Be sure to get a fast response. They can also give you the exact price quote, taking into account the timing, desired academic level of the paper, and the number of pages.