Project 4: Protecting the Homeland
Step 18: Compile the Cyber Sector Risk Profile
Develop the Cyber Sector Risk Profile, a culmination of your research of risks and defense strategies in your sector. In this profile, provide a cybersecurity analysis of your industry sector.
Combine this information with the risk profile and risk threat matrix from prior steps to create this comprehensive profile.
Introduction
Cyber risks threaten every sector with the damaging consequences of data exposure, system outages, and financial loss. Some industries and sectors are targeted more frequently than others. The U.S. Federal Government encompasses the legislative, executive, and judicial branches and the authorities vested in each, including taxation, the budget, military defense, and foreign affairs. The responsibilities and engagements of the Federal Government make it a common target for cyberattacks by a variety of adversarial groups. This risk profile identifies the risks to the U.S. Federal Government and the risk management techniques the government can leverage to counter these persistent threat actors and their tactics, techniques, and procedures.
Threats
Similar to other industries, the federal government is exposed to both physical and cyber threats. Therefore, the government must understand the current threat landscape to safeguard its assets against cyber threats. One of the primary concerns is the cyber threat to critical infrastructure. There are 16 critical infrastructure sectors, including healthcare, financial services, food and agriculture, water, defense, and emergency services (CISA, n.d.-b). These sectors are considered vital services, and a disruption in any of them would have a debilitating effect on our national security, financial security, public health, or safety (CISA, n.d.-b).
The federal government’s focus on cyber threats also aims to protect sensitive and classified information from an adversarial breach. Federal networks are the information technology networks that the government relies on for essential operations. Internal and external attackers frequently target these federal networks to exfiltrate high-value data. Protecting these physical networks from damage, interception, or security breaches also protects the government’s data.
Threat Actors Targeting the US
The Federal Government networks and critical infrastructure are targeted by unsophisticated hackers, insider threats, and nation-state cyber actors equipped with sophisticated cyber tools. The primary nation-state cyber threats to the U.S. are China, Russia, North Korea, and Iran. China maliciously targets the U.S. for intellectual property and multiple critical infrastructure sectors, including defense information, chemical systems, and communications (CISA, n.d.-a). Russia engages in malicious cyber espionage to affect or influence U.S. social and political activity, industrial control infrastructure, nuclear facilities, and critical infrastructure (CISA, n.d.-e). North Korea poses an evolving threat of espionage, theft against financial institutions and cryptocurrency, and attack threats (CISA, n.d.-d). Finally, Iran continuously develops its cyber capabilities to suppress political activity, deploy destructive malware, and steal personally identifiable information (CISA, n.d.-c).
Insider threats are another concern for the Federal Government. Employees have access to classified and sensitive data that must be protected from insider threats and data exfiltration. The security incident at the summit demonstrated how vulnerabilities could be exploited, and internal threats can disrupt operations and cause damage. Fortunately, these vulnerabilities were remediated using technical and security controls adopted by the U.S. government.
Relevant Security Controls
Protecting our nation’s federal networks and critical infrastructure from adversarial breaches requires risk management informed by threat intelligence. The risks posed by insider threats, hackers, and nation-states require proactive countermeasures implemented through security and privacy controls. The NIST SP XXXXXXXXXX control families provide 20 categories of protective measures, including Access Control (AC), System and Communications Protection (SC), and System and Information Integrity (SI). Various solutions can be implemented to meet the AC controls, such as multi-factor authentication within a zero-trust framework to restrict and limit access to information resources. NIST control SC-5 recommends protecting systems and communications from denial-of-service attacks via technical controls that filter packets; applying this control suggests the government deploy firewalls with intrusion detection systems alongside anti-virus software. The SI family provides recommendations for protections such as malicious code protection (SI-3), system monitoring (SI-4), and information input validation (SI-10). Applying the NIST guidance will ensure that the U.S. Federal Government comprehensively safeguards the information networks and control systems that in turn protect our critical infrastructure from adversarial threats.
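To make the three controls named above concrete, the following is an added example (not part of the risk profile and not NIST's own code) of a small request filter that applies SC-5 as per-source rate limiting, SI-10 as allow-list input validation, and SI-4 by recording every rejection as a monitoring event. The request records, thresholds, field formats, and source addresses are constructed for the example.

```python
"""Added illustration of three NIST SP 800-53 control ideas named in the profile:
  SC-5  denial-of-service protection  -> per-source rate limiting (packet/request filtering)
  SI-10 information input validation  -> strict allow-list checks on request fields
  SI-4  system monitoring             -> every rejection is recorded as an event
All policy values and sample requests below are constructed for the example."""
import re
from collections import defaultdict, deque

# Constructed policy values; a real deployment tunes these per service.
MAX_REQUESTS_PER_WINDOW = 5
WINDOW_SECONDS = 10
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_.-]{2,31}$")   # what a username may look like
ALLOWED_ACTIONS = {"read", "list", "status"}             # what a caller may ask for


class RequestFilter:
    def __init__(self):
        self._history = defaultdict(deque)  # source -> request timestamps inside the window
        self.events = []                    # SI-4 monitoring record of rejected requests

    def _log(self, control, source, detail):
        self.events.append({"control": control, "source": source, "detail": detail})

    def _rate_limited(self, source, now):
        """SC-5: drop the request once a source exceeds the sliding-window budget."""
        q = self._history[source]
        while q and now - q[0] >= WINDOW_SECONDS:
            q.popleft()                     # forget requests that fell out of the window
        if len(q) >= MAX_REQUESTS_PER_WINDOW:
            return True
        q.append(now)
        return False

    @staticmethod
    def _validate(req):
        """SI-10: accept only fields that match the expected form (allow-list, not deny-list)."""
        if not USERNAME_RE.match(req.get("user", "")):
            return "user field does not match allowed pattern"
        if req.get("action") not in ALLOWED_ACTIONS:
            return "action not in allow-list"
        return None

    def handle(self, req):
        """Return 'accepted' or 'rejected:<reason>'; rejections become monitoring events."""
        source, now = req["src"], req["ts"]
        if self._rate_limited(source, now):
            self._log("SC-5", source, "rate limit exceeded")
            return "rejected:rate-limit"
        problem = self._validate(req)
        if problem:
            self._log("SI-10", source, problem)
            return "rejected:invalid-input"
        return "accepted"


def run_sample():
    """Feed a constructed request stream through the filter; returns (decisions, events)."""
    f = RequestFilter()
    stream = [
        {"src": "10.0.0.5", "ts": 0, "user": "analyst1", "action": "read"},
        {"src": "10.0.0.5", "ts": 1, "user": "analyst1", "action": "list"},
        # SI-10: an injection-shaped value in a field that should only ever hold a username
        {"src": "10.0.0.7", "ts": 1, "user": "' OR 1=1 --", "action": "read"},
        # SI-10: an action the service never offers
        {"src": "10.0.0.7", "ts": 2, "user": "analyst2", "action": "drop_table"},
    ]
    # SC-5: one source bursting well past the per-window budget of 5
    stream += [{"src": "10.0.0.9", "ts": 3, "user": "bot", "action": "status"} for _ in range(8)]
    decisions = [f.handle(r) for r in stream]
    return decisions, f.events


if __name__ == "__main__":
    decisions, events = run_sample()
    for d in decisions:
        print(d)
    for e in events:
        print(e)
```

The rate check runs before validation so that a flood of malformed input cannot exhaust the validator; the allow-list regex and action set express SI-10's principle that input is accepted only when it matches an expected form, and the `events` list is the feed a SI-4 monitoring pipeline would consume.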
Summary
The primary cyber risks that threaten the U.S. are hackers, insider threats, and nation-state-sponsored hackers. These malicious actors pose a significant and persistent threat to the safety and security of the U.S. population. Therefore, the Federal Government has adopted the guidance of NIST to prescribe relevant security and privacy controls to safeguard information networks, critical infrastructure, and the SCADA systems that monitor and control industrial control processes.
References
CISA. (n.d.-a). China cyber threat overview and advisories. Retrieved from https://www.cisa.gov/uscert/china
CISA. (n.d.-b). Critical infrastructure sectors. Retrieved from https://www.cisa.gov/critical-infrastructure-sectors
CISA. (n.d.-c). Iran cyber threat overview and advisories. Retrieved from https://www.cisa.gov/uscert/iran
CISA. (n.d.-d). North Korea cyber threat overview and advisories. Retrieved from https://www.cisa.gov/uscert/northkorea
CISA. (n.d.-e). Russia cyber threat overview and advisories. Retrieved from https://www.cisa.gov/uscert/russia
NIST. (2020, September). Security and privacy controls for information systems and organizations (NIST SP 800-53 Rev. 5). Retrieved from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf
Wikipedia. (n.d.). SCADA. Retrieved from https://en.wikipedia.org/wiki/SCADA
Risk Threat Matrix
Group 1 – Team United States/Federal Government
University of Maryland Global Campus
CYB XXXXXXXXXX Capstone in Cybersecurity
Professor Glebocki
June 4, 2022
Table of Contents
1. Summary
2. Risk threat matrix
3. Conclusion
1. Summary
Cybersecurity risks and threats have increased, causing financial loss and loss of confidential data for organizations and individuals. The US Federal Government faces a range of cybersecurity risks, each with a different potential impact. To handle these risks effectively and define mitigation techniques, this report develops a risk threat matrix. The Federal Government will implement regulations such as HIPAA to manage the identified risks. The classification of possible risks to the USA Federal Government and its entire infrastructure is carried out with the help of the developed risk threat matrix.
2. Risk threat matrix
The developed risk threat matrix, which lists each possible risk together with its vulnerability category, threat, attack vector, and impact level, is provided below:
| Risk | Vulnerability category | Threat | Attack vector | Impact factor |
|---|---|---|---|---|
| Current threats to the USA Federal Government | | | | |
| Leakage over OpenSSH connections | Software | Data modification, confidential data loss | Man-in-the-middle attack | High |
| Unsecured connections from public web pages or websites | Web application | Authentication failure, confidential data loss | XML or script-based attack | High |
| Phishing attacks on confidential information of infrastructure | Email or application | Hijacking of the complete system, ransomware attacks | Email-based or application-based attacks | High |
| Emerging threats in the future | | | | |
| Attacks on infrastructure | Software, hardware, or application script | Exfiltration, interception of services, data exploitation, modification of confidential data | Vulnerabilities in deployed hardware, use of insecure applications, web browser exploits, phishing, MITM, malware, spyware | High |
| IoT device-based attacks | Software, hardware, or application script | Exfiltration, interception of services, data exploitation, modification of confidential data | Botnet attack, man-in-the-middle attack, eavesdropping attacks | Medium |
| Mobile device-based attacks | Software, hardware, or application script | Exfiltration, interception of services, data exploitation, modification of confidential data | Phishing attacks, ransomware attacks, MITM attacks, DoS attacks, Bluesnarfing attacks, malware attacks | High |
| Common risks | | | | |
| Infrastructure risks | Emails, software, or hardware | Integrity loss, authentication failure, transaction failure, sign-up failure | Phishing attacks, malware attacks | Low |
The possible risks to the Federal Government, together with the likely source (attack vector) of each, are identified in the risk threat matrix above.
3. Conclusion
Identifying possible risks to the complete infrastructure of the USA federal government is a critical task, as many risks can cause issues for the defined infrastructure. The adoption of IoT devices has increased the exposure of the federal government’s infrastructure to these risks. This report identifies the possible risks to the infrastructure maintained by the USA federal government, develops a risk threat matrix, defines the impact level of each risk, and identifies the possible source or attack vector of each. Implementing regulations such as HIPAA can help the federal government control these risks and threats.