QUESTION

This assignment is worth 50% of the total marks for the module.

• Spyware has been universally acknowledged as one of the most serious threats to businesses due to its inherent capability to facilitate attacks on corporate data and damage or compromise sensitive organisational information. It functions by stealthily installing a tiny piece of software on user’s computers, which then transmits data from those computers to an unauthorised third party without the users or their organisation being aware of it.

This type of cyber security risk is becoming especially hard to fight against due to the widening presence of spyware kits on the Net, which can be obtained and easily used for launching an attack without any significant IT skills. Hence, protection against spyware must be recognised as an essential element of any IT security strategy.

Critically analyse the most typical scenarios leading to the increased exposure to spyware attacks. Suggest specific counter-measures which could be incorporated to the corporate information security strategy. These should include:

• Infrastructures to minimise the likelihood of the occurrence of such an event.(Preventive approach)
• Mechanisms to mitigate the issues created by the occurrence of such an event (the reactive approach)
• Policies which recognise this threat as an overall business risk rather than merely technical risk.
• Using WinHex or a similar tool, try to load your operating system swap file for digital forensics investigation. Report your findings about:
  1. Recovered deleted files

  2.   Extracting used passwords